If set, this file system will be mounted in the initial ramdisk

Filename of the image including all extensions (e.g image_1.raw or image_1.raw.zst).

The file systems to be mounted

Path of the image, relative to $out in system.build.image

Type of the file system

Path to file where information about communication will be stored

Full path to SU3 file to reseed from.

Path of the file GNS3 Server should log to.

Zone file resource records contain columns of data, separated by whitespace, that define the record.

Disable running fsck on this filesystem.

Location where the file system will be mounted

Filename to be used for the dump

Use custom DH TLS key, stored in PEM format in the file.

Whether to enable the filesystem mount.

If set, this file system will be mounted in the initial ramdisk

Path to Traefik's static configuration file.

Label of the device

Whether to enable File Roller, an archive manager for GNOME.

Filename to be used for the dump

Maximum file system usage (in MiB) for file sharing.

Path to Traefik's dynamic configuration file.

The file-roller package to use.

Options used to mount the file system

If the device does not currently contain a filesystem (as determined by blkid), then automatically format it with the filesystem type specified in fsType

If set, the filesystem is grown to its maximum size before being mounted. (This is typically the size of the containing partition.) This is currently only supported for ext2/3/4 filesystems that are mounted during early boot.

Configuration for filebeat

Additionally authenticate against a htpasswd file

Path to the accounts file.

By default pam-u2f module reads the keys from $XDG_CONFIG_HOME/Yubico/u2f_keys (or $HOME/.config/Yubico/u2f_keys if XDG variable is not set)

Path to the file containing the static authentication secret.

UUID of the stratis pool that the fs is located in

This is only relevant if you are using stratis.

The device as passed to mount

Systemd environment file to add to Coder.

Path to key file

List of paths that should be mounted before this one

Path to key file

Path to the .zone file

List of packages containing systemd-tmpfiles rules

Location of the backing encrypted device.

The path to the servers .htpasswd file

Sets which portal backend should be used to provide the implementation for the requested interface

Certificate Authority file for MQTT server access.

Path to YAML file that contains tracing configuration

Path to a keyfile used to unlock the backing encrypted device

The path to the workdir

These options will create the <FileSystem> sections of config file.

Name of a file containing the spiped key

Path to YAML file that contains tracing configuration

Path to YAML file that contains tracing configuration

A string value containing the path to a file to which log messages will be appended if the log configuration value is set to file

Snipe-IT configuration options to set in the .env file

The file image used for this drive.

Path to key file

SFTP private key file

Label of the unlocked encrypted device

Key file for MQTT server access.

Path to YAML file that contains object store configuration

The orangefs file systems to be mounted

File system ID (must be unique within configuration).

Path to YAML file that contains object store configuration

Filename of the logfile.

The block device is backed by an encrypted one, adds this device as a initrd luks entry.

Path to YAML file that contains tracing configuration

Path to YAML file that contains tracing configuration

Path to YAML file that contains tracing configuration

TCP port opened for file transfers.

The file systems to be mounted

IP on which the server instance will listen for incoming file transfer connections

A set of files to be copied to /boot

Config file watched by the reloader.

The tcp port used by seafile fileserver.

The path to the upperdir

The file access mode to use when creating this file or directory.

Output file for environment variable substituted config file.

Certificate file for MQTT server access.

The list of path(s) to the lowerdir(s)

Path to YAML file that contains object store configuration

Path to YAML file that contains object store configuration

Path to YAML file that contains object store configuration

Delete a file when it reaches a certain age

Path to the cache file.

Whether to enable logging to file.

File system root ID.

Path to local .zip file to reseed from.

Path to the file containing the secret keys.

BookStack configuration options to set in the .env file

File name in the rsa folder for which this passphrase should be used.

The path to the pommed.conf file

Path to YAML file that contains tracing configuration

Suricata threshold configuration file.

Whether to enable Prosody Filer XMPP upload file server.

The bind address used by seafile fileserver

Path to file that contain addresses of query peers

File name in the ecdsa folder for which this passphrase should be used.

File name in the pkcs8 folder for which this passphrase should be used.

Configuration for seafile-server, see https://manual.seafile.com/config/seafile-conf/ for supported values.

Text of the file.

Extra options to be added under production in config/gitlab.yml, as a nix attribute set

The value full-apivfs (the default) sets up private /dev, /proc, /sys, /tmp and /var/tmp file systems in a separate user name space

List of paths to btrfs filesystems to regularly call btrfs scrub on

The file access mode to use when creating this file or directory.

File name in the pkcs12 folder for which this passphrase should be used.

Contents of the first Files section of the X server configuration file.

List of paths to bcachefs filesystems to regularly call bcachefs scrub on

Path to YAML file that contains tracing configuration

Path used for pid file.

Extra config to append to seahub_settings.py file

Path to certificate file

Delete a file when it reaches a certain age

File name in the private folder for which this passphrase should be used.

PEM files to use

File path to a key file.

Type of logfile.

Suricata reference configuration file.

Path to auth.json file

The path of the Searx server settings.yml file

A set of files to be copied to $BOOT

file from which the secret value is read

Path to certificate file

Type of the file system

Path to YAML file that contains object store configuration

Loglevel for logs written to the logfile.

Packages whose D-Bus configuration files should be included in the configuration of the D-Bus system-wide or session-wide message bus

Target URL

Path of the source file.

File path to a cert file.

Logformat for logs written to the logfile.

The user of the file

Mount point.

Location where the file system will be mounted

The type of operation to perform on the file

XFS filesystem hosting the xfs_quota project.

Mount options

Path to the JSON file with the metric definitions

Path to the Xen Store log file.

The group of the file

User account under which seafile runs.

Configuration options corresponding to parameters set in conf/keycloak.conf

Specify the log file name

Path to certificate file

Patterns for files from which target groups are extracted

Sync data.

A list of files to copy into the chroot from the host system.

The configuration file passed to ukify(1) to create the UKI

Sync meta data.

Path in which to store user data

Group under which seafile runs.

Extra config for <FileSystem> section.

Path to the Xen Store access log file.

Configuration parameters to set in parsedmarc.ini

A file in the format described in fstab(5), used to mount filesystems inside the chroot

The file mode creation mask for Aria2 service

Override the configuration file used by Caddy

Whether to enable filebeat.

The offset of the key file

Arguments to the dafileserver process

The user of the file

Specifies which file should be used as the list of trusted CA when negotiating a TLS session.

Keyboard profile to apply at boot time

Options used to mount the file system

If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot

Additional configuration that exists before the first start and later overrides the existing values in config.json

Additional configuration that exists before the first start and later overrides the existing values in config.json

The type of operation to perform on the file

The group of the file

Whether to enable Seafile server.

User under which filesender runs.

Directory that contains all cryptographic profiles known to FAPI.

When using storage type filesystem this is the absolute path to the file system where uploaded files are stored until they expire

Which log files to check.

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

Disable running fsck on this filesystem.

Rules for creation, deletion and cleaning of volatile and temporary files automatically

A set of files to be copied to /boot

A set of files to be copied to /boot

Dynamic configuration files to write

Extra config for <StorageHints> section.

The filebeat package to use.

Each attribute in this set specifies an option in the [Files] section of this unit

Rule files that should be used by rule manager

User account under which FileBrowser runs.

Contents of the drbd.conf configuration file.

Options for the upsd.conf configuration file.

Extra directives added to to the end of MPD's configuration file, mpd.conf

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

Whether to enable the filesystem mount.

Additional configuration file entries

Profiles for TuneD

When to run garbage collection on stored data blocks

Configuration options to set in the GitLab Pages config file

The profile file contents

Name of the default cryptographic profile chosen from the profile_dir directory.

Suricata classification configuration file.

The location of the Drupal files directory.

Seafile Seahub Admin Account Email.

Commands to execute before the config file check

Group under which FileBrowser runs.

Reload nginx when configuration file changes (instead of restart)

Per-user rules for creation, deletion and cleaning of volatile and temporary files automatically.

Whether to enable automatic garbage collection on stored data blocks.

Absolute path to the certificate to load

Configuration options to add to Workhorse's configuration file

Label of the device

A file containing the password corresponding to services.filesender.database.user.

The number of gunicorn worker processes for handling requests.

Whether to enable FileSender.

List of file service discovery configurations.

Attrset of dconf profiles

File to load as environment file

Discourse site settings

monica configuration options to set in the .env file

The file to store the PID in.

The certificate profile to choose if the CA offers multiple profiles.

Names of the Disnix profiles to expose in the system's PATH

File to load as environment file

Whether to enable FileBrowser.

Profile name, defaults to 'system' (NixOS).

Zeronet fileserver port.

The profile file to load from "/var/lib/OpenRGB" at startup.

Global user rules for creation, deletion and cleaning of volatile and temporary files automatically

Path to a keyfile used to unlock the backing encrypted device

The content of /etc/asusd/profile.ron

If the device does not currently contain a filesystem (as determined by blkid), then automatically format it with the filesystem type specified in fsType

If set, the filesystem is grown to its maximum size before being mounted. (This is typically the size of the containing partition.) This is currently only supported for ext2/3/4 filesystems that are mounted during early boot.

Profile access endpoint.

Possible values are:

• yes: checksum validation is forced
• no: checksum validation is disabled
• auto: Suricata uses a statistical approach to detect when checksum off-loading is used. (default) Warning: 'checksum-validation' must be set to yes to have checksum tested.

This string contains the contents of the sudoers file.

The path to the file used for signing derivation data

Whether to enable systemd user units systemd-tmpfiles-setup.service and systemd-tmpfiles-clean.timer.

Enables U2F PAM (pam-u2f) module

Whether to check the resulting config file with unbound checkconf for syntax errors

Dynamic configuration for Traefik, written in Nix.

The path to the public key file for the host

A file containing the message of the day shown to users when they log in.

This string contains the contents of the sudoers file.

The input type

The filesender package to use.

BTRFS filesystems to run block-level deduplication on.

Hash algorithm to use for generated file naming

Custom configuration profiles for schroot.

This tells the USBGuard daemon which file to load as policy rule set

Additional hwdb files

The filebrowser package to use.

Device for manual resume attempt during boot

Contents of the jicofo.conf configuration file.

geoipupdate configuration options

Settings for LACT

The private key to persist address with

UUID of the stratis pool that the fs is located in

This is only relevant if you are using stratis.

The domain serving your FileSender instance.

Whether to check mtime of all zone files on start and sighup.

Path to files that contain addresses of store API servers

Paths to the Nix profile

List of paths that should be mounted before this one

Absolute path to the certificate to load

Agorakit configuration options to set in the .env file

File holding nginx configuration that sets the nonce used to create secret links

Set the path to file where the user's credentials are stored

The key.pem file used for https.

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

The device as passed to mount

Whether to enable Improved file manager, a single-file web-based filemanager

Lightweight and minimal, served using PHP's built-in server .

Path to the certificate file (if protocol is set to https or h2).

The size of the key file

Path of a file with extra environment variables to be loaded from disk

The path to MPD's database.

Certification Authority file for MQTT

Absolute path to the certificate to load

A file containing the HMAC key to use for signing URLs

The location of the system persistent storage file

Inputs specify how Filebeat locates and processes input data

Location of the backing encrypted device.

An argument whose meaning depends on the type of operation

The seahub package to use.

JSON file containing secret keys

Export all file systems listed in /proc/mounts

A state directory used by NetBird client to store config.json, state.json & resolv.conf.

A state directory used by NetBird client to store config.json, state.json & resolv.conf.

The cert.pem file used for https.

Additional udev rules

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

Whether to enable exposing the Disnix profiles in the system's PATH.

Key file for MQTT

Settings for FileBrowser

Set maximum number of open files (RLIMIT_NOFILE) to <N>

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Options appended to the PHP configuration file php.ini.

The actual zone data

The path to the workdir

The directory where FileBrowser stores files.

Absolute path to the certificate to load

Configuration options used by FileSender

Options for FileSender's PHP pool

A list of profiles used to setup the global environment.

The certificate profile to choose if the CA offers multiple profiles.

The path to the public key file for the host

Contents of the HAProxy configuration file, haproxy.conf.

A YAML config file which can be used to configure karma instead of the nix-generated file.

Label of the unlocked encrypted device

Load users and passwords from this file

File to load as environment file

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Configuration for ccnet, see https://manual.seafile.com/config/ccnet-conf/ for supported values.

Where the transmitted SMSes are placed

Whether to delete all files in /tmp during boot.

Configuration for Prosody Filer

Options for the upsmon.conf configuration file.

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Database port.

Database name.

Database user.

The port to listen on.

Whether to enable opening firewall ports for FileBrowser.

Per-user rules for creation, deletion and cleaning of volatile and temporary files automatically

Where the received SMSes are stored

The block device is backed by an encrypted one, adds this device as a initrd luks entry.

Certificate file for MQTT

Path to use for the pid file.

Declare systemd-tmpfiles rules to create, delete, and clean up volatile and temporary files and directories

This file can be used to store some or all of the options given to the commandline client

Name (relative to the root of the filesystem) of the subvolume where the hash table will be stored.

The name of the module

File path where the logs will be written

Which address to bind the seahub server to, of the form:

• HOST
• HOST:PORT
• unix:PATH

If enabled, copies the NixOS configuration file (usually /etc/nixos/configuration.nix) and symlinks it from the resulting system (getting to /run/current-system/configuration.nix)

File containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates

Options appended to the PHP configuration file php.ini.

Write changed secondary zones to their zonefile every N seconds

The path to the upperdir

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Where SMSes with error in transmission is placed

Path to the session tokens file

Attribute set of lines for the global faxq config file etc/config

Autorandr profiles specification.

Optional path to a custom atalkd.conf file

Path to the snmpd.conf file

The list of path(s) to the lowerdir(s)

The artalk configuration

The directory where FileBrowser stores its cache.

An argument whose meaning depends on the type of operation

Where SMSes to be sent should be placed

Files to load as environment file

Environment file as defined in systemd.exec(5)

Structured contents of the krb5.conf file

The contents of /etc/screenrc file

Path of file to link to /etc/rspamd/rspamd.local.lua for local rules written in Lua

Packages added to the service's PATH environment variable

Environment file as defined in systemd.exec(5)

Whether to generate signing keys in /etc/guix which are required to initialize a substitute server

Directory to contain filesystem cache.

Attribute set of lines for the global hfaxd config file etc/hfaxd.conf

Before less opens a file, it first gives your input preprocessor a chance to modify the way the contents of the file are displayed.

The full path to a file that contains the user's (clear text) password

The file managing the authentication for deluge, the format of this file is straightforward, each line contains a username:password:level tuple in plaintext

System wide configuration file for Speech Dispatcher

Path to the file which contains the actual base64 encoded key

Configuration file for ZNC

Path to directory containing oCIS config file

Packaged Helm charts that are linked to /var/lib/rancher/k3s/server/static/charts before k3s starts

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Filebeat modules provide a quick way to get started processing common log formats

Generates the aria2.conf file

Mods settings can be changed by specifying a dat file, in the mod settings file format.

Tracing configuration

Maximum file upload size in MiB.

The path to FileBrowser's Bolt database.

Configure nginx as a reverse proxy for FileSender.

The Lounge's config.js contents as attribute set (will be converted to JSON to generate the configuration file)

Content of the manifest file

Packaged Helm charts that are linked to /var/lib/rancher/rke2/server/static/charts before rke2 starts

Alloy configuration file/directory path

UIDs (as per the configured saml_uid_attribute) of FileSender administrators

Path to file with trusted public keys in OpenSSH's authorized_keys format

A Riemann config file

Blacklist an attacker when its score exceeds threshold

Whether to enable cachefilesd network filesystems caching daemon.

GID of created file

UID of created file

Extra contents of the configuration file of the CUPS daemon (cupsd.conf).

The sympa.conf configuration file as key value set

Free-form settings written directly to the lldap_config.toml file

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

Content of the manifest file

Port that the /debug/pprof endpoint will listen on.

Map of PPD profiles to native TuneD profiles.

The address to listen on.

Additional text appended to nix.conf.

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Tracing configuration

Tracing configuration

Creates .netrc file with the given token to be used for GitHub

Whether to use the built-in installation wizard instead of declaratively managing the app.ini config file in nix.

Define specific rules to be in the sudoers file

Neard INI-style configuration file as a Nix attribute set

Extra config to znc.conf file.

The power-profiles-daemon package to use.

Path where Postfix writes log entries

Override file in FreeSWITCH config template directory

Define specific rules to be in the sudoers file

Configuration file for persisting runtime changes

Whether to enable checking the config.json file resulting from services.radicle.settings.

Path of a file containing the password for Loki

The hosts.hfaxd file entry in the spooling area will be symlinked to the location given here

Environment file as defined in systemd.exec(5)

Whether to enable power-profiles-daemon, a DBus daemon that allows changing system behavior based upon user-selected power profiles.

The path to a file containing the secret used as django's SECRET_KEY.

Configuration file for the Samba suite in ini format

Packages added to the service's PATH environment variable

Verbatim advanced configuration file contents using the Erlang syntax

Environment file as defined in systemd.exec(5)

The sync mode influences how operations are committed to the disk log before the operation is acknowledged to the caller.

-ASYNC mode the writes to the disk log are buffered in memory by the operating system

The sync mode influences how operations are committed to the disk log before the operation is acknowledged to the caller.

-ASYNC mode the writes to the disk log are buffered in memory by the operating system

Path to use for the pid file.

Object store configuration

Path the the file containing the password used to unlock the Java KeyStore file specified in services.reposilite.settings.keyPath

Files to load suricata-update managed rules, relative to 'default-rule-path'.

Whether to enable Neovim

If enabled, each virtual host gets its own access.log and error.log, namely suffixed by the hostName of the virtual host.

If set to something else than symlink, the file is copied instead of symlinked, with the given file mode.

Verbatim nginx.conf configuration

Extra configuration for cgroup.conf

Make the server communicate via TLS

Path to the file containing rclone configuration

Environment file as defined in systemd.exec(5)

List of packages containing udev rules

Key file for client cert authentication to the server.

udev rules to include in the initrd only

Path to moduli file to install in /etc/ssh/moduli

A list of modules to include in the znc.conf file.

Contents of /etc/mdadm.conf.

Database hostname.

Settings serialized into config.yml before build

Similar to systemd.tmpfiles.settings but the rules are only applied by systemd-tmpfiles before initrd-switch-root.target

List the file systems that clients will be allowed to mount

A file containing a connection string for the database

Object store configuration

Manages the configuration files declaratively

Environment file as defined in systemd.exec(5)

File containing the Django SECRET_KEY

Profile hook scripts.

Description of how to identify the filesystem to be duplicated by this instance of bees

Extra command-line options passed to the daemon

Controls how systemd will interpret the root FS in initrd

Key file for client cert authentication to the server.

Extra contents of the configuration file of the CUPS daemon (cups-files.conf).

Fileserver role, serves files and volumes from its local storage.

Text to append to config.js web application config file

Path to a .json file specifying the state transitions

Extra configuration options appended to the default asterisk.conf file.

This option is opposite to lt-cred-mech. (TURN Server with no-auth option allows anonymous access)

Wallet file

Name of modem configuration file, will be searched for in config in the spooling area directory.

Tracing configuration

Tracing configuration

Tracing configuration

Environment file as defined in systemd.exec(5)

Declaratively define NetworkManager profiles

A file containing a secure random string

Settings that go into ca.json

Slurm expects config files for plugins in the same path as slurm.conf

A list of profiles to enable

the path passed to qbittorrent via --profile.

A set of CAs (certification authorities) and their options for the ‘ca xxx’ sections of the ipsec.conf file.

Configuration file to use with nohang

Log verbosity (syslog keyword/level).

Additional configuration for the WirePlumber daemon when run in single-instance mode (the default in nixpkgs and currently the only supported way to run WirePlumber configured via extraConfig)

Certificate file for client cert authentication to the server.

Directories to search for profiles, separated by , or ;.

Base path for all other storage paths.

Seafile Seahub Admin Account initial password

Path to a file containing the JWT secret.

Environment file as defined in systemd.exec(5)

Whether to provide a slurm.conf file

Path to the log directory, that pretalx logs message to.

WARNING: THIS IS INSECURE, as your password will end up in /nix/store, thus publicly readable

Verbatim inspircd.conf file

Per output profile configuration.

Path to configuration file

Extra configuration options that will be merged into the main config file datadog.yaml.

File path that contains the utility secret key

Path to file containing the Mackerel API key

The contents of the configuration. file of the CUPS Browsed daemon (cups-browsed.conf)

A list of user modules to include in the znc.conf file.

Certificate file for client cert authentication to the server.

Path to a configuration file to be merged with the settings

Attribute set of NetBird client daemons, by default each one will:

1. be manageable using dedicated tooling:

• netbird-<name> script,
• NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),

2. run as a netbird-<name>.service,
3. listen for incoming remote connections on the port 51820 (openFirewall by default),
4. manage the netbird-<name> wireguard interface,
5. use the /var/lib/netbird-/config.json configuration file,
6. override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
7. (hardened) be locally manageable by netbird-<name> system group,

With following caveats:

• multiple daemons will interfere with each other's DNS resolution of netbird.cloud, but should remain fully operational otherwise

Create the PostgreSQL database and database user locally.

The path to the list of CSV files to use when generating the CDI specification in CSV mode.

An attribute set of service options, which correspond to the service definitions usually done within the Postfix master.cf file.

If set, keys listed in ~/.ssh/authorized_keys and ~/.eid/authorized_certificates can be used to log in with the associated PKCS#11 tokens.

Enables Yubico PAM (yubico-pam) module

File path that contains the application secret key

Path of the device or swap file.

Additional settings to put in the discourse.conf file

Key file for client cert authentication to the server.

Metadata file for root certificate presence

Profile GC root policies.

If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot

The configuration of each Fail2ban “jail”

Object store configuration

Object store configuration

Environment file as defined in systemd.exec(5)

Object store configuration

Site URL

Define specific rules to be set in the /etc/doas.conf file

The server's configuration file

This file contains the full URI that can be used to access this instance of CouchDB

Configuration for STUN/TURN servers

"Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."

Attribute set of additional plugins that will be symlinked to the plugin subdirectory

Configuration options in RabbitMQ's new config file format, which is a simple key-value format that can not express nested data structures

File system type.

Additional attributes to be merged with the configuration options and written to Pangolin's config.yml file.

Serve static files from a directory over HTTP

The keyfile which associates this machine with your tarsnap account

Single or list of files for which rules are defined

Path to pidfile for fdbmonitor.

Path to the directory that contains static files.

When less closes a file opened in such a way, it will call another program, called the input postprocessor, which may perform any desired clean-up action (such as deleting the replacement file created by LESSOPEN).

User name of file owner

Path to the file that contains the server salt

Takes a boolean argument

Certificate file for client cert authentication to the server.

Neo4j SSL policy for HTTPS traffic

Change history file.

File to load as environment file

Path to .dts overlay file, overlay is applied to each .dtb file matching "compatible" of the overlay.

A set of options for the ‘config setup’ section of the ipsec.conf file

The contents of the configuration file of the X server (xorg.conf)

Replacement-filepath mapping for sogo.conf

Add a randomized delay before each garbage collection

Output DPI configuration.

EnvironmentFile as defined in systemd.exec(5)

Specifies the path to a file containing the hashed password for the MQTT user

Tracing configuration

Hash table size in MB; must be a multiple of 16

Path to config file to parse and append to settings

Include the user configuration from ~/.config/fontconfig/fonts.conf or ~/.config/fontconfig/conf.d.

Contents of the teleport.yaml config file

Extra configuration to add to the kubelet's configuration file

Output resolution.

Output framerate.

The default syslog.conf file configures a fairly standard setup of log files, which can be extended by means of extraConfig.

Defines where FileSender logging is sent

File containing environment variables to substitute in the configuration before starting Traccar

Directory to serve throught the file managing service

Key file to use for clients

Group name of file owner

Choose users database file to use for authentication

Contents of the config.yaml config file

LiveKit key file holding one or multiple application secrets

Verbatim contents of the cgit runtime configuration file

Extra configuration to add to the kubelet's configuration file

Arguments to the dasalvager process

Attribute set of environment variable

Output video display controller.

Whether to enable watchdogd plugin filenr.

Path to a file that contains environment variables

Password file used for Nominatim database connection

Custom coredns corefile configuration

Filename for unix-command socket.

Specifies the path to a file containing the clear text password for the account

A file for storing secrets

Path to the file prometheus should write its query log to.

The high watermark level

Append an additional file's contents to /etc/iscsid.conf

Whether to log current stats every poll interval.

Whether to create a directory with links to all fonts in /run/current-system/sw/share/X11/fonts.

Whether to mount a zram device on /tmp during boot.

Whether to mount a tmpfs on /tmp during boot.

Data file location

Whether to enable checking the ci-broker.yaml file resulting from services.radicle.ci.broker.settings.

Location of a file containing the SMTP password

Output gamma configuration.

The resulting path of the generated Diffie-Hellman parameters file for other services to reference

The path to the file containing the Redis password

Path of a file containing the password for influxdb

Path to sendmail program

Tracing configuration

Font file made available for displaying text on the splash screen.

Cert file to use for clients

SSL certificate file path.

SSL CA file path for client certificate verification.

Absolute path of device node, file or other resource. (Mandatory)

A file containing the secrets for the dynamic DNS provider

Whether to enable Hyprland, the dynamic tiling Wayland compositor that doesn't sacrifice on its looks

The named AWS profile used to authenticate.

Arguments to the davolserver process

Configuration for Immich

If set, users listed in $XDG_CONFIG_HOME/Yubico/u2f_keys (or $HOME/.config/Yubico/u2f_keys if XDG variable is not set) are able to log in with the associated U2F key

The robot.conf configuration file as key value set

Extra configuration to add to the kube-proxy's configuration file

Vertical scaling factor/pixels.

Horizontal scaling factor/pixels.

List of paths to Privoxy filter files

Amount of seconds between every poll.

The default syslog.conf file configures a fairly standard setup of log files, which can be extended by means of extraConfig.

This is the name that will be displayed by NetworkManager and GUIs.

Whether to enable the output.

Output rotate configuration.

Sets the pointer acceleration profile to the given profile

Seahub public URL.

File containing the Flask secret key

Options stored in /etc/openvpn3/netcfg.json configuration file

The password to authenticate to PostgreSQL with

The master.cf configuration file as an attribute set of service defitions

Extra configuration to add to the kube-proxy's configuration file

Path to TOML config file

An extra JavaScript file to be loaded by the client.

CA private key -- accepts '[file:]fname' or 'env:varname'.

Logo which is displayed on the splash screen

CA used to sign the new certificate -- accepts '[file:]fname' or 'env:varname'.

Path to a file containing the logo of your Hydra instance.

The log file for captured samples.

A file containing the firezone relay token

Newline separated list of names to be allowed/denied if userlistEnable is true

File to load as environment file

The epjitsu package to use

Whether to enable this angrr policy.

Path to the periphery configuration file

If set, NixOS will enforce the immutability of the Nix store by making /nix/store a read-only bind mount

An extra CSS file to be loaded by the client.

Contents of sssd.conf.

The critical watermark level

The connection type defines the connection kind, like vpn, wireguard, gsm, wifi and more.

Retention period for the GC roots in this profile.

The specified name-string gives the system file name of the storage device managed by this storage daemon

Object store configuration

Make profile sidebar stick to top.

The full path to a file containing the password from upsd.users for accessing this UPS

Email address of FileSender administrator(s)

Path to an environment file as defined in systemd.exec(5)

Location of the cluster-join-token.key file

Neo4j SSL policy for BOLT traffic

Certificate file in PEM format.

Path to the file where DHT keys are stored.

ssl private key path A self-signed certificate will be generated if file not exists.

Path to file containing the secret key base

Global CellServDB file to be deployed

These settings are written to the agent.toml file

HTTP password file

Whether output should be marked as primary

Path to file containing the OTP secret

Path to TOML config file

An environment file as defined in systemd.exec(5)

The database.yml configuration file as key value set

Set a specific keyfile for this archive

Settings for a cups-pdf instance, see the descriptions in the template config file in the cups-pdf package

HTTP password file

Key file to use for peer to peer communication

Enables generation of split artifacts from partitions

Private key file in PEM format.

Whether to enable less, a file pager.

ssl certificate path A self-signed certificate will be generated if file not exists.

Specifies the path to a file containing the clear text password for the MQTT user

File containing environment variables to substitute when copying the configuration out of Nix store to the services.mautrix-discord.dataDir

File containing newline-separated list of paths to exclude into the backups

File containing newline-separated list of paths to include into the backups

Location of the dir with main.css CSS file

Configuration options for Shairport-Sync

Path to file containing database connection string with credentials

The nm-file-secret-agent package to use.

List of paths to Privoxy action files

Defines how Athens behaves when a module@version is not found in storage

Output scaling method.

Keep the latest N GC roots in this profile.

Configuration written to a yaml file that is read by glance

Path to a file containing the Cloudflare API authentication token

Lifespan of completely downloaded files in minutes.

Ignore all other cjdns options and load configuration from this file.

Whether to enable the diod 9P file server.

Whether to enable yazi terminal file manager.

Path to a file containing the API key to use when modifying DNS records.

File path containing the k3s token to use when connecting to a server.

Attributes for user's entry in pam_mount.conf.xml

Extra configuration to append to the default ~/.gitolite.rc

Roll over to a new log file after the current log file reaches the specified size.

Options stored in /etc/openvpn3/log-service.json configuration file

File, which is dynamically applied to server-settings.json before startup

The set of NTP servers from which to synchronise

Path of a file containing the password for the unifi service user

Output position

File path that contains the S3 access key.

File path that contains the S3 secret key.

Path to an INI format configuration file to provide Buffyboard

Specifies the path to a file containing the password hash for the account, generated with grub-mkpasswd-pbkdf2

Scrutiny settings to be rendered into the configuration file

Your configuration.yaml as a Nix attribute set

A file containing the password corresponding to database.user.

Options to be added to config.php, as a nix attribute set

Preswitch hook executed before mode switch.

TLS Options for the File Daemon

Path to the .hgrc file.

(Read-only) the path to the final bundle of certificate authorities as a single file.

BIRD Internet Routing Daemon configuration file. http://bird.network.cz/

Cert file to use for peer to peer communication

Path to bosun's state file.

The contents of the radvd configuration file.

File path containing the rke2 token to use when connecting to a server.

A file which contains JSON or HJSON configuration for yggdrasil

A file containing the firezone gateway token

Output scale configuration

HTTP password file

Predetect hook executed before autorandr attempts to run xrandr.

Whether to enable modification of share contents through the web ui.

This will only be used when systemd is used in stage 1.

List of packages containing udev rules that will be copied to stage 1

The path to your appkey

A path to a SSL secret key file in PEM format

A list of domains

Path to a file containing sensitive environment variables

The name of private PKCS #8 key file for this policy to be found in the baseDirectory, or the absolute path to the key file

Path to file containing the secret key base

Path to the remotes control file

Configuration of the netbird management server

The path to a file containing the API key

The path of dae config file, end with .dae.

The file system to put on the device

Path to the TLS key file.

Whether the Clevis JWE file used to decrypt the devices uses a Tang server as a pin.

The ordered audit rules, with each string appearing as one line of the audit.rules file.

Archive format used to store the dump file.

Whether to enable Send, a file sharing web sevice for ffsend..

The path to the file containing the password for the user

RSA private key file.

File containing SMTP password

The location of the output journal

To enable SSL, specify path to the name of certificate files without extension

Named accounts and their respective configurations

Any additional entries you want added to the systemd-boot menu

Configures logging

Sets the pointer acceleration profile to the given profile

The swap devices and swap files

GVPE config file, if already present

Your config.yaml as a Nix attribute set

Whether to enable git-lfs (Large File Storage).

SSL key file path

RSA certificate file.

The user names of the group members, added to the /etc/group file.

Path to the file containing rclone configuration

Allow the service to create and use its own config file inside the dataDir as configured by services.mediatomb.dataDir

The path to the xkb types file

Whether to index the hidden files or not.

File containing the password for the given username

If the mode is set to "file", the path to a HuJSON file containing ACL policies.

File containing POSTGRES_PASSWORD

Path to an environment file loaded for the tsidp service

Postswitch hook executed after mode switch.

Account certificate file, necessary to create, delete and manage tunnels

LiveKit key file holding one or multiple application secrets

Path to the TLS certificate file.

Whether to enable the NixOS initial RAM disk (initrd)

Path to the .netrc file.

The Apache Tika configuration (XML) file to use.

Additional text appended to ntp.conf.

Path to configuration file.

Path to the key file.

Whether to enable plikd, a temporary file upload system.

The database file to build.

Subordinate group ids that user is allowed to use

Subordinate user ids that user is allowed to use

TLS private key file

Sets the Authorization header on every remote read request with the bearer token read from the configured file

Settings serialized into user-data/conf.yml before build

Refer to xrandr(1) for the documentation of the transform matrix.

Whether to keep the last booted system generation

System databases (as described in /etc/nsswitch.conf on GNU/Linux systems) to copy into the chroot from the host.

Configuration of dnsmasq

Extra contents appended to the jupyterhub configuration

Jupyterhub configuration is a normal python file using Traitlets. https://jupyterhub.readthedocs.io/en/stable/getting-started/config-basics.html

Path to a file containing sensitive environment variables for Newt

config.xml configuration as a Nix attribute set

Refresh interval to re-read the files

Configuration file to use for FRR

Sets the Authorization header on every remote write request with the bearer token read from the configured file

Path to the log file for Murmur daemon

Certificate db configuration file

Additional GRUB commands inserted in the configuration file just before the menu entries.

Verbatim contents of cntlm.conf.

This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route, in milliseconds.

The path to netrc file for upstream authentication

Location of MongoDB pid file

Path to the TLS key file.

The full path to a file which contains either

• a fine-grained personal access token (PAT),
• a classic PAT
• or a runner registration token

Changing this option or the tokenFile’s content triggers a new runner registration

Options used to mount the file system.

TLS certificate file

Path to the TLS certificate file.

Whether to enable desktop portal for wlroots-based desktops

Path to a file containing username:password. null means no authentication required to use the service.

A JSON file for provisioning persons, groups & systems

Additional environment file as defined in systemd.exec(5)

The maximum charge level to help reduce battery wear:

• high_capacity charges to 100% (driver default)
• balanced charges to 90%
• stationary charges to 80% (maximum lifespan)

Note: Regardless of the configured charging profile, the operating system will always report the battery as being charged to 100%.

A file containing the password corresponding to services.castopod.database.user

Path to file containing the public key used for Web Push Voluntary Application Server Identification

Your ui-lovelace.yaml managed as configuraton file

The path to the xkb compat file

Output name to EDID mapping

Lifespan of incomplete downloading files in minutes.

Whether to enable nix-index, a file database for nixpkgs.

Path to a file containing the camo HMAC key.

Specifies the location of file for logging output.

Path to the certificate file.

File to write the output to instead of systemd.

The secret file to be sourced for the .env settings.

Specify a configuration file that Mimir should use.

LIRC default options described in man:lircd(8) (lirc_options.conf)

Makes user-profiles globally available under nextcloud.tld/u/user.name

Files to load as an environment file just before Traefik starts

Whether to keep the current system generation

Path to a file which contains the password to authenticate with the target device

A file that contains the server secret for safe session cookies, must be set.

secretKeyFile takes precedence over secretKey

Path to file containing the private key used for Web Push Voluntary Application Server Identification

The path to the xkb symbols file

Path to a file containing the admin password for kanidm

All of these scripts will be executed in lexicographical order before hostapd is started, right after the bss segment was generated and may dynamically append bss options to the generated configuration file

File containing environment variables to substitute when copying the configuration out of Nix store to the services.mautrix-meta.dataDir

A list of extra crontab files that will be read and appended to the main crontab file when the cron service starts.

The security model to use for this share:

• passthrough: files are stored using the same credentials as they are created on the guest (this requires QEMU to run as root)
• mapped-xattr: some of the file attributes like uid, gid, mode bits and link target are stored as file attributes
• mapped-file: the attributes are stored in the hidden .virtfs_metadata directory

CA certificate to validate API server certificate with.

Whether to enable Thunar, the Xfce file manager.

Airsonic war file to use.

Contents of Dante's configuration file

Whether to enable the Bacula File Daemon.

Extra configuration text appended to sudoers.

A file containing the mail DSN for sending emails

Lines added verbatim to the generated configuration file.

Whether to enable logging to a file instead of journald, which is stored in /var/log/murmur.

Configurations for lircd to load, see man:lircd.conf(5) for details (lircd.conf)

Whether to enable serving NAR file contents via HTTP.

Path to private key file.

Specify a configuration file that Loki should use

Specify a path to a configuration file that Tempo should use.

Attributes for user's entry in pam_mount.conf.xml

File path containing the k3s YAML config

The path to your appkey

Sets the Authorization header on every scrape request with the bearer token read from the configured file

File containing PEM-encoded x509 RSA or ECDSA private or public keys, used to verify ServiceAccount tokens

Packages to add to the PATH environment variable

Set of files that have to be linked in /etc.

The config file

File which contains the rules to handle UPS events.

Private key file for the certificate.

Path to the server's private key

Extra configuration text appended to sudoers.

By default pam-ussh reads the trusted user CA keys from /etc/ssh/trusted_user_ca

Ignore all other 3proxy options and load configuration from this file.

Contents of sssd.conf.

Path to DH parameters file.

Configuration file to use.

Path to the JavaScript configuration file

File path containing the rke2 YAML config

Environment file to inject e.g. secrets into the configuration

Configuration written to guacamole.properties.

Create a systemd system service tsm-backup.service that starts a backup based on the given servername's stanza

File to load as the environment file

Your ui-lovelace.yaml as a Nix attribute set

Tweak CFS latency parameters when going on/off battery

Arguments to the salvageserver process

CA certificate to validate API server certificate with.

Contents of the sip-communicator.properties configuration file for jigasi.

A list of Cron jobs to be appended to the system-wide crontab

Extra text added to the end of /etc/xonsh/xonshrc, the system-wide control file for xonsh.

Extra lines to be added verbatim to the generated named configuration file.

File which contains the value of pictrs.api_key.

Path to the server's certificate

Certificate authority file to use for clients

Path to a file that contains the session secret

Path to nix file in repository

Extra text appended to vault.hcl.

If enabled, pam_gnupg will attempt to automatically unlock the user's GPG keys with the login password via gpg-agent

Environment variables which are loaded from the contents of the specified file paths

Path to a file containing the default admin password

Attribute set of default values for modem config files etc/config.*

A file containing the firezone client token

Path to an EnvironmentFile for the monero service as defined in systemd.exec(5)

Kubernetes kubelet extra configuration file entries

The upload limit for files

Local configuration files, written into /etc/rspamd/local.d/{name}.

Executable to be run at torrent completion.

Parameters to be written to /etc/atoprc.

Parameters to be written to the system-wide bat configuration file.

Path of the file containing the graylog node-id

Path to configuration file

Etcd certificate authority file

Etcd key file

Literal string to append to configFile and the config file generated by the plymouth module.

Path of the file Klipper should log to

Whether to enable tftpd, a Trivial File Transfer Protocol server

Extra configuration directives that should be added to pdnsd.conf.

Content of /etc/target/saveconfig.json This file is normally read and written by targetcli

Data directory for file backend

Contents of the database initialization config file

The user names of the group members, added to the /etc/group file.

Extra configuration options that will be added verbatim at the end of the ldap configuration file (ldap.conf(5))

The path to a file containing the credentials to use when binding to the LDAP server (if not binding anonymously).

External wpa_supplicant.conf configuration file

A set of connections and their options for the ‘conn xxx’ sections of the ipsec.conf file.

The path to the xkb keycodes file

If multiple server stanzas are declared with programs.tsmClient.servers, this option may be used to name a default server stanza that IBM TSM uses in the absence of a user-defined dsm.opt file

Path to file containing the secret key base

This will contain the contents of cups-pdf.conf for this instance, derived from settings

File containing the gossip secret, a shared secret key to use for gossip encryption

Set of files that have to be linked in runtime.

Determines whether a process should detect changes to the configuration file since it was last read

The password to authenticate to PostgreSQL with

Overridable config file to use for named

Path to the configuration file which maps the memory, IRQs and ports used by the PCMCIA hardware.

Additional config appended to the end of the generated cntlm.conf.

Path to the Gatus configuration file

vm.args configuration

This specifies the port number on which the Client listens for Director connections

Whether to enable A dead simple static HOMepage for your servER to keep your services on hand, from a simple yaml configuration file. .

Content of the configuration file

The user file mode creation mask to use on home directories newly created by pam_mkhomedir.

Override the configuration file used by Apache

Configuration lines appended to the generated gitea configuration file.

Archive format used to store the dump file.

Folder where Patroni data will be written, this is where the pgpass password file will be written.

Main domain to be used in sympa.conf

SSH private key file to use to login to the remote system

Verbatim contents of squid.conf

Turn-rs server config file

Path to file containing OpenGFW rules.

Subordinate user ids that user is allowed to use

Subordinate group ids that user is allowed to use

Account certificate file, necessary to create, delete and manage tunnels

Output path for the certificate private key

This option can be used to store some or all of the options given to the commandline client

Extra permission groups to attach to the KMonad instance for this keyboard

The set of fallback NTP servers from which to synchronise

Free-form settings written directly to the config.json file

The path to the xkb geometry file

Password used for authentication

A list of files each containing one OpenSSH public key that should be added to the user's authorized keys

CA certificate to validate API server certificate with.

A list of blacklisted CA certificate names that won't be imported from the Mozilla Trust Store into /etc/ssl/certs/ca-certificates.crt

Path of a file containing the password for the unifi service user

Info storages are used to store information about file uploads

Additional environment file as defined in systemd.exec(5)

The program to make available as /bin/sh inside the chroot

Path to a file containing the idm admin password for kanidm

The file ~/.background-image is used as a background image

Specifies the location of file for logging output.

The main.cf configuration file as key value set.

The font used for the virtual consoles

The rule statement configures a GNU Rush rule

File mode of the socket.

Etcd cert file

Text of the file.

Text of the file.

Extra contents of the kmscon.conf file.

Path to Klipper config file.

Path to the TLS private key file

Path to the TLS certificate file

Path to a file containing the secret key.

Squid configuration

Path to a file containing the secret API key to use when modifying DNS records.

Path to config file

The absolute path to the configuration file

Extra configuration options that will be added verbatim at the end of the nslcd configuration file (nslcd.conf(5)).

Path to an environment file to be loaded

Path to a file containing sensitive environment variables for Pangolin

Environment variables which are loaded from the contents of files at a file paths, mainly used for secrets

File to persist HTTPPROXY keys.

The path to a file containing the token used to authenticate with DuckDNS.

Text of the file.

Optional path to a credentials file for email alarms

Override the configuration file used by MySQL

Path to file containing a secret used to sign JWT tokens.

With "host", a separate output file is used, based on the hostname of the other endpoint of a connection

Whether to open the interpreter file as soon as the registration is loaded, rather than waiting for a relevant file to be invoked

Path to the file containing the password for the database connection

A list of verbatim OpenSSH public keys that should be added to the user's authorized keys

Whether to allow logging into accounts that have no password set (i.e., have an empty password field in /etc/passwd or /etc/group)

Whether to configure Privoxy to inspect HTTPS requests, meaning all encrypted traffic will be filtered as well

The encrypted disk that should be opened before the root filesystem is mounted

Extra configuration options for the athens config file.

Artalk config file path

Path to a file containing the Minio access key id.

Password for basic auth

The global options in config file in yaml format

Whether to run the GNUnet daemon

Path to the configuration file of dnsmasq.

Howdy configuration file

Whether to install SpaceFM and create /etc/spacefm/spacefm.conf.

Extra configuration directives that should be added to chrony.conf

Whether to enable please, a Sudo clone which allows a users to execute a command or edit a file as another user .

The name of an explicit dtb to be loaded, relative to the dtb base

Path to lesskey configuration file.

configFile takes precedence over commands, clearDefaultCommands, lineEditingKeys, and envVariables.

A file containing the RPC secret authorization token

Solanum IRC daemon configuration file. check https://github.com/solanum-ircd/solanum/blob/main/doc/reference.conf for all options.

Configuration options for the /etc/omnom/config.yml file.

Enable LDAP-Authentication for Netbox

Extra configuration

Contents of the Riemann configuration file

Path to the file containing the value for MAILMAN_REST_API_PASS.

Extra configuration options that will be added verbatim at the end of the slurm configuration file.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Files that should be concatenated together to form /etc/hosts.

The path specifying a PEM encoded TLS CA certificate(s)

The path specifying a PEM encoded TLS CA certificate(s)

File containing the password for the mpd daemon

Certificate authority file to use for peer to peer communication

Location of bitcoind pid file.

Client-side web application settings that override the defaults in config.js

Additional GRUB commands inserted in the configuration file at the start of each NixOS menu entry.

Verbatim configuration text appended to the generated gitweb.conf file.

Where Calibre-Web stores its data

Any additional configuration to be appended to the generated modprobe.conf

Literal contents to append to the end of actkbd configuration file.

Text of the file.

Path to CoreRAD TOML configuration file.

allow Artalk store the settings to config file persistently

Global configuration that should be added to the global directory of pdnsd.conf.

Configuration file, default is generated from config.service.umurmur.settings

Server configuration that should be added to the server directory of pdnsd.conf.

Settings to write to ntp.toml

See https://docs.ntpd-rs.pendulum-project.org/man/ntp.toml.5 for more information about available options.

Extra configuration to add at the end of the rspamd configuration file.

munin-node.conf extra configuration

The path, host/port or file descriptior to bind the gunicorn socket to

The path, host/port or file descriptior to bind the gunicorn socket to

Extra configuration to add at the bottom of the generated configuration file.

Path to config file

A list of files each containing one OpenSSH public key that should be added to the user's authorized keys

All of these scripts will be executed in lexicographical order before hostapd is started, right after the global segment was generated and may dynamically append global options the generated configuration file

The path specifying a PEM encoded TLS CA certificate(s)

File containing environment variables to be passed to the mautrix-signal service

Configuration files to load besides the immutable one defined by the NixOS module

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Polio configuration

Extra configuration text appended to doas.conf

Path to the SSL certificate file

Extra configuration text prepended to ssh_config

Verbatim contents of sshd_config.

Extra configuration options which are serialized to json and added to the config.json file.

Extra lines to be added verbatim to the options section of the generated named configuration file.

Contents of /etc/auto.master file

Extra lines to be added verbatim to the generated configuration file

File to persist SOCKSPROXY keys.

Whether to enable Nautilus as file-chooser for xdg-desktop-portal-gnome.

The absolute path to the configuration file

Configuration for ulogd

The contents of OpenTSDB's configuration file

A file containing the Laravel APP_KEY - a 32 character long, base64 encoded key used for encryption where needed

Extra configuration for that will be added to mpi.conf.

If non-null, overrides the main configuration file of Nagios.

Additional configuration to be copied verbatim into zabbix.conf.php.

File path containing the k3s token agents can use to connect to the server

Attribute set of environment variable used in the global environment

The list of Elasticsearch nodes to connect to

sched_latency_ns.

Preemption mode.

Whether to generate an extlinux-compatible configuration file under /boot/extlinux.conf

Collector settings to be rendered into the collector configuration file

A list of verbatim OpenSSH public keys that should be added to the user's authorized keys

sched_nr_latency.

Whether to delete torrents added from the services.transmission.settings.watch-dir.

Contents of the PAM service file.

File containing the session secret for the Autobrr web interface.

Path to the configuration file used for Cyrus.

A list of packages which provide dconf profiles and databases in /etc/dconf.

Control group which subgroups are placed under

Verbatim contents of sshd_config.

File containing the password for the SMTP user.

Contents added to the end of the riemann-dash configuration file.

Overridable configuration file contents to use for ntopng

File path containing the rke2 token agents can use to connect to the server

List of plugins to add to Gerrit

Force global DPI resolution to use for X server

Any additional flags passed to nixos-rebuild

User name who owns the socket file.

File containing password to the Prosody account for videobridge

Kubernetes apiserver Webhook config file

This is a convenience option which allows you to set secret values for environment variables by specifying a file which will contain the value at runtime

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

wg-quick .conf file, describing the interface

Enables custom address sorting configuration for getaddrinfo(3) according to RFC 3484

Text of the file.

Text of the file.

Text of the file.

Path to the configuration file used for cyrus-imap.

Kavita configuration options, as configured in appsettings.json.

Text of the file.

Whether to add cjdns peers with an associated hostname to /etc/hosts

Configuration file for inadyn

Whether to enable the cjdns network encryption and routing engine

The group of the running mount.davfs daemon

Extra configuration to append to the configuration file.

Configuration lines appended to the generated Apache configuration file

Path to the sqlite3 database file.

Absolute path to programs.sqlite

A file containing your secret key

Path to the unix socket file

Whether to enable the RDNSS daemon (rdnssd), which configures DNS servers in /etc/resolv.conf from RDNSS advertisements sent by IPv6 routers.

Path to a text file containing IPs to block

Whether to enable Jirafeau file upload application.

Set of files to be linked in /var/lib/sympa.

Path to the angrr configuration file in TOML format

Free-form settings written directly to the acme-dns.cfg file

Defines the mount options used on a bind mount for the /nix/store

Path to a file containing the metrics authentication token.

A file containing the TokenKey, a secret with at 512+ bits

The config file for the doh-server

Path to a file containing the Datadog API key to associate the agent with your account.

The name of the file or block device that should be used as header for the encrypted device.

The contents of the configuration file for soft-serve

Adds extra lines to the pppd options file.

Structural setting for the rshim configuration file (/etc/rshim.conf)

sniproxy.conf configuration excluding the daemon username and pid file.

Path to the key.pem file, which will be copied into Syncthing's configDir.

Check the configuration file with prosodyctl check config

Path to a json file containing users and folders to load (or update) on startup

Contents of the /etc/exports file

Path to plugin file.

Path to the file/database which contains the targets for oxidized.

Path to a portunus seed file in json format

Key file for securing RPC connections.

Gerrit configuration

Text to append to settings.py Weblate configuration file.

Permission of the socket file (3-digit octal value).

Whether the configuration file specifies a remote mongo instance

Path to a fastly-exporter configuration file

Secrets like SECRET_KEY_BASE and BASIC_AUTH_PASSWORD should be passed to the service without adding them to the world-readable Nix store

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Path to a file containing extra paperless config options in the systemd EnvironmentFile format

Extra lines to be added verbatim to the main.cf configuration file.

This configuration key contains the effective text of the client system-options file "dsm.sys"

Path of the source file.

Set the minimum severity of error that will be included in the log file

File which contains the database uri.

Port to be opened

Path of the source file.

File which contains the value of email.smtp_password.

The connection URI to use

Configuration lines appended to the generated connman configuration file.

This option defines director resources in Bacula File Daemon.

Path of the source file.

Configuration file path.

In containers, whether to use the resolv.conf supplied by the host.

auditd configuration file contents

Additional opendkim configuration as a file.

Path to config file (deprecated, use settings instead and set this value to null)

An SSH public key (as an absolute file path or directly as a string), usually generated by rad auth.

Any additional text to be appended to the config.php configuration file

File path that contains the Base64-encoded private key for HTTPS termination

The contents of /etc/cups/snmp.conf

Configuration for MCHPRS via Config.toml

Path to the oxidized configuration file.

The location of Tautulli's config file.

Group name who owns the socket file.

The absolute path to the configuration file

Extra configuration options to be appended to the generated configuration file.

Config options for zenoh.json5 configuration file

If true on import encryption keys or passwords for all encrypted datasets are requested

File that contains the cadvisor storage driver password.

storageDriverPasswordFile takes precedence over storageDriverPassword

Warning: when storageDriverPassword is non-empty this defaults to a file in the world-readable Nix store that contains the value of storageDriverPassword

Path of a file containing the password for Loki

Free-form settings written directly to the config.json file

Specifies a file containing the MAC addresses to deny if macAcl is set to "deny" or "radius"

Contents of the strongswan.conf file.

File containing environment variables to be passed to the mautrix-whatsapp service

List of directories to be symlinked in /run/current-system/sw.

Type of the file system

Config file used for the whole dovecot configuration.

Additional verbatim entries to be appended to /etc/hosts

System-wide customization file contents, has higher priority than defaultFonts settings.

Additional configuration to extend clight.conf

Whether to enable IBM Storage Protect (Tivoli Storage Manager, TSM) client command line applications with a client system-options file "dsm.sys" .

Extra configuration added to icecast.xml inside the <icecast> element.

The tsm-client package to use

Configuration file for ejabberd in YAML format

Remap all users to "nobody"

Configuration settings for the generated config json file

File path that contains the Base64-encoded certificate for HTTPS termination

Path of the source file.

Path to the cert.pem file, which will be copied into Syncthing's configDir.

oauth2-proxy allows passing sensitive configuration via environment variables

A file containing the Laravel APP_KEY - a 32 character long, base64 encoded key used for encryption where needed

Path to RouteDNS TOML configuration file.

Whether to enable Easy and fast file sharing from the command-line.

Derivation for the configuration file of Nagios CGI scripts that can be used in web servers for running the Nagios web interface.

This tells pgmanage where to put the SQL file history

File name extension mappings

Path to a file containing the credential mapping (<keyname>: <secret>) to access LiveKit

The contents of the client configuration. (client.conf)

Extra configuration to be appended to the 0bin config file (see https://0bin.readthedocs.org/en/latest/en/options.html)

Path to file containing a secret for session store.

Additional contents (sections) included in the X server configuration file

Indicates whether this is an account for a “real” user

The database user's password (not applicable for sqlite3)

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

The config file of crab-hole

Whether the config should be checked at build time

Whether to enable Pingvin Share, a self-hosted file sharing platform.

Settings written to user/config/system.yaml.

The store directory where the Guix service will serve to/from

Whether to enable copying of this file and symlinking it.

Free form attribute set for aMule settings

The path to a file containing the API Token used to authenticate with CloudFlare.

The name of the file (can be a raw device or a partition) that should be used as the decryption key for the encrypted device

If set, automatically registers the agent using the given claim token file.

Additional text appended to syslog.conf, i.e. the contents of defaultConfig.

Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py

Adds extra lines to the pptpd configuration file.

Adds extra lines to the xl2tpd configuration file.

For type pipe or file, the path to the pipe or file

Path to the services config file

Specifies a file containing the MAC addresses to allow if macAcl is set to "allow" or "radius"

Signature verification policy file

Path to a file containing the password

Path to a shared secret file used for synchronization, Required for all nodes in a replica/primary setup.

File which contains the value of setup.admin_password.

Deluge core configuration for the core.conf file

Extra configuration, appended to the 3proxy configuration file

The i3lock package to use. ::: {.note} The i3lock package must include a i3lock file or link in its out directory in order for the u2fSupport option to work correctly. :::

ReGreet configuration file