List of IPv4 addresses that will be statically assigned to the interface.

IPv4 address of the interface

Subnet mask of the interface, specified as the number of bits in the prefix (24).

Whether this interface should be configured with DHCP

The pool of IPv4 addresses which are used for translation.

By default, nginx will look up both IPv4 and IPv6 addresses while resolving

List of IP (v4 or v6) addresses with CIDR masks from which this peer is allowed to send incoming traffic and to which outgoing traffic for this peer is directed

The subnet of this host

Whether to enable IPv6 Privacy Extensions for interfaces not configured explicitly in networking.interfaces._name_.tempAddress

List of IP (v4 or v6) addresses with CIDR masks from which this peer is allowed to send incoming traffic and to which outgoing traffic for this peer is directed

IPv4 address of the next hop.

Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses: [ "0.0.0.0/0" ] To block all other access than the allowed.

The prefix used for embedding IPv4 into IPv6 addresses

List of extra IPv4 static routes that will be assigned to the interface.

If you want consistency between the two implementations, set the scope of the route manually with networking.interfaces.eth0.ipv4.routes = [{ options.scope = "global"; }] for example.

IPv4 address of the network.

Addresses to listen on, IP:PORT, if you haven't disabled forwarding only set IPv4.

Type of the route

List of IPv6 addresses that will be statically assigned to the interface.

Subnet mask of the network, specified as the number of bits in the prefix (24).

Other route options

Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv6

Do not send VRRP adverts over VRRP multicast group

Specifies a list (comma-separated) of addresses where to listen for TCP connections

IPv4 prefix length

IPv6 address of the interface

IPv4/IPv6 addresses to advertise for node.

Subnet mask of the interface, specified as the number of bits in the prefix (64).

IPv4/IPv6 addresses to advertise for node.

The addresses of all replicas in the cluster

When IPv6 is enabled with SLAAC, this option controls the use of temporary address (aka privacy extensions) on this interface

IPv4 cidr address of this peer in the virtual network

Whether to use DHCP to obtain an IP address and other configuration for all network interfaces that do not have any manually configured IPv4 addresses.

Local address(es) to use for IKE communication

Remote address(es) to use for IKE communication

IPv4 destination.

By default, nginx will look up both IPv4 and IPv6 addresses while resolving

Domain names, IPv4 and/or IPv6 addresses to listen on for HKP requests.

Deprecated: Use consul.forceAddrFamily instead

A list of address sections to be added to the unit

Strip N bits from IPv4 addresses if lookupBySubnet is true

Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA) address queries at the same time, from the same port

Remote endpoints for the bridge.

Whether to bind ipv4/ipv6 or both kind of addresses.

The external address where the host can be reached

The port where the host can be reached

By default, the Drone RPC server will listen on all interfaces and local IPv4 addresses for incoming connections from clients

Port of the remote MQTT broker.

IP Addresses to bind to

The external IP address or hostname where the host can be reached.

Whether to filter IPv6 traffic with 6to4 destination addresses that correspond to IPv4 addresses that should not be routed over the public internet.

Whether to listen on IPv4 connections.

Address of the remote MQTT broker.

The IP addresses of DNS servers to configure.

Addresses (IPv4 or IPv6) to listen on for connections by the reverse proxy/tls terminator

Whether to use IPv4.

IPv4-specific configuration.

Select the encapsulation type:

• ipip to create an IPv4 within IPv4 tunnel (RFC 2003).

• 4in6 to create a 4in6 tunnel (RFC 2473);

• ip6ip6 to create an IPv6 within IPv6 tunnel (RFC 2473);

Listen addresses and ports for this virtual host

If not specified, the MTU is automatically determined from the endpoint addresses or the system default route, which is usually a sane choice

Listener IP addresses of relay server

The IP addresses of the interface.

IPv4 interface to bind to.

IPv4 address to bind to

This primary server will notify all given secondary servers about zone changes

The IP addresses of the interface.

A list of IPv4 and IPv6 addresses to use as the fallback DNS servers

Turn on proxy_arp for this device

Listen addresses and ports for this virtual host

List of ipv4 addresses on which to listen for DNS queries.

Addresses (IPv4 or IPv6) to listen on for connections by the reverse proxy/tls terminator

Listen addresses and ports for this virtual host.

Source addresses, address ranges, MAC addresses or ipsets to bind.

An IP address or a network IP address with a mask for IPv4 or IPv6

The IPv4 address assigned to the host interface. (Not used when hostBridge is set.)

Only use ipv4, even if the host supports ipv6.

Addresses who may request zone transfers.

The IPv4 address assigned to the host interface. (Not used when hostBridge is set.)

The configuration for each network interface

Addresses allocated in pool

Preferred EDNS buffer size for IPv4.

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

Listen addresses and ports for this virtual host.

The source IPv4 address of the TAYGA server.

Allow the specified IPs to act as a proxy

The static host map defines a set of hosts with fixed IP addresses on the internet (or any network)

Allowed client IP ranges are evaluated first, defaults to ARIN IPv4 private ranges: [ "192.168.0.0/16" "127.0.0.0/8" "172.16.0.0/12" "10.0.0.0/8" ]

Definitions of SIIT instances of Jool

IPv4 address.

This is the target address is to match against

Definitions of NAT64 instances of Jool

The IPv4 address assigned to the interface in the container

Listed primary servers are allowed to notify this secondary server

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

Listen addresses for this virtual host

Periodically refresh the endpoint hostname or address for all peers

The IPv4 address assigned to the interface in the container

Listen addresses for this virtual host

Listen addresses and ports for this virtual host.

The IPv4 address of the router.

MAC address to use for the device

Listen addresses for this virtual host

This is a rule that the target address is to match against

Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv4

Specifies the IP address version (IPv4 or IPv6) used to establish a connection between cloudflared and the Cloudflare global network

Listen only on IPv4 when strting the server.

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

Listen addresses for this virtual host

The email addresses of the public-inbox.

Specifies the MAC addresses to deny if macAcl is set to "deny" or "radius"

Listen addresses for this virtual host

Specifies the MAC addresses to allow if macAcl is set to "allow" or "radius"

Configures name servers used to resolve names of upstream servers into addresses

This address will be used for zone-transfer requests if configured as a secondary server or notifications in case of a primary server

Whether to enable setting IPv4 A records.

A list of addresses to be added to the network section of the unit

Automatically determine the IPv4 address of this peer based on existing peers on network.

List of additional peer IP addresses to connect to.

Subnet mask of the interface, specified as the number of bits in the prefix ("24").

Specifies the BSSID for this BSS

Wait for DNS

IP detection provider for IPv4

Specifies a file containing the MAC addresses to deny if macAcl is set to "deny" or "radius"

If given an IP address, it can be a host name ("localhost"), an IPv4 dotted-quad ("127.0.0.1") or an IPv6 address enclosed in square brackets ("[::1]").

(VCL4.1 and higher) If given an absolute Path ("/path/to/listen.sock") or "@" followed by the name of an abstract socket ("@myvarnishd") accept connections on a Unix domain socket

Set name cache size for IPv4.

Specifies a file containing the MAC addresses to allow if macAcl is set to "allow" or "radius"

List of the only peer IP addresses to connect to

List of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config

Name of the interface.

Specifies whether sshd(8) should look up the remote host name, and to check that the resolved host name for the remote IP address maps back to the very same IP address

The hostname that clients should use to connect to this server

IP addresses to bind the listener to.

Whether to register mDNS address records for all local IP addresses.

Line-separated email addresses that are allowed to authenticate.

Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.

Whether to copy the DF bit to the outer IPv4 header in tunnel mode

Mail addresses

List of named IP pools to allocate virtual IP addresses and other configuration attributes from

Addresses of statically configured query API servers

Name of the interface

Listener addresses to accept connections from other peers

Name used to derive peer unit name.

A list of host:port for the Redis servers that are part of a cluster

List of resolvers to use

This option specifies when the dhcpcd service will fork to background

Database host name. localhost is treated specially and inserts systemd dependencies, other hostnames or IP addresses of the local machine do not.

MTU size for packets leaving the interface

The interfaces to bond together

Commands called at the start of the interface setup.

Vlan tag to apply to interface

Openvswitch type to assign to interface

IPsec Mode to establish CHILD_SA with.

• tunnel negotiates the CHILD_SA in IPsec Tunnel Mode,
• whereas transport uses IPsec Transport Mode.
• transport_proxy signifying the special Mobile IPv6 Transport Proxy Mode.
• beet is the Bound End to End Tunnel mixture mode, working with fixed inner addresses without the need to include them in each packet.
• Both transport and beet modes are subject to mode negotiation; tunnel mode is negotiated if the preferred mode is not available.
• pass and drop are used to install shunt policies which explicitly bypass the defined traffic from IPsec processing or drop it, respectively

The type of the interface

Commands called after the interface setup.

The type of interface to create

Command called before the interface is taken down.

16-bit port for listening

Peers linked to the interface.

Command called after the interface is taken down.

List of extra IPv6 static routes that will be assigned to the interface.

The physical network interfaces connected by the bridge.

Whether to enable wol on this interface.

If set, all recipients to users at either "localhost" (the literal string) or the canonical host name (from the me control attribute) are remapped to this address

IPv6 address of the next hop.

The kernel routing table to add this interface's associated routes to

Whether this interface is virtual and should be created by tunctl

MAC address of the interface

The Wake-on-LAN policy to set for the device

Type of the route

In case of a virtual device, the user who owns it. null will not set owner, allowing access to any user.

wg-quick .conf file, describing the interface

The base64 public key to the peer.

Base64 private key generated by wg genkey

Private key file as generated by wg genkey.

The physical network interfaces connected by the vSwitch.

Extra options to append to the interface section

IPv6 address of the network.

The type of the interface

Name of the UKI

16-bit port for listening

Peers linked to the interface.

Set the maximum transmission unit in bytes for the wireguard interface

Whether to bring up this interface automatically during boot.

Other route options

This option allows you to define interfaces encapsulating IPv6 packets within IPv4 packets; which should be automatically created.

Commands called at the start of the interface setup.

Endpoint IP or hostname of the peer, followed by a colon, and then a port number of the peer.

Mark all wireguard packets originating from this interface with the given firewall mark

Commands called at the end of the interface setup.

Subnet mask of the network, specified as the number of bits in the prefix (64).

Set the metric of routes related to this Wireguard interface.

The kernel routing table to add this interface's associated routes to

List of open UDP ports.

List of TCP ports on which incoming connections are accepted.

Whether to enable Jool, an Open Source implementation of IPv4/IPv6 translation on Linux

Specify address family of backend connections

The base64 public key of the peer.

Username to authenticate with.

Base64 private key generated by wg genkey

The name of the user account

Private key file as generated by wg genkey.

Base64 preshared key generated by wg genpsk

Commands called before shutting down the interface.

Automatically generate a private key with wg genkey, at the privateKeyFile location.

Extra options to append to the interface section

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

File pointing to preshared key as generated by wg genpsk

Commands called after shutting down the interface.

Range of open UDP ports.

Endpoint IP or hostname of the peer, followed by a colon, and then a port number of the peer

A range of TCP ports on which incoming connections are accepted.

Listen addresses and ports for this virtual host

Whether this VPN connection should be started automatically.

Determines whether to add allowed IPs as routes or not.

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Gateway server to connect to.

The name of the group

Private key to authenticate with.

Protocol to use.

The shell (/bin/sh) command executed to obtain the DHCP DNS server address

The pre-existing network namespace in which the WireGuard interface is created, and which retains the socket even if the interface is moved via interfaceNamespace

Table name.

File containing the password to authenticate with

Locally defined maps of hostnames to IP addresses.

Extra config to be appended to the interface config

Base64 preshared key generated by wg genpsk

Automatically generate a private key with wg genkey, at the privateKeyFile location.

File pointing to preshared key as generated by wg genpsk

The name of the user account

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

The name of the system used in the system.build.toplevel derivation

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

This is optional and is by default off, because most users will not need it

The name of the group

The pre-existing network namespace the WireGuard interface is moved to

What addresses the server should listen to.

Certificate to authenticate with.

Listen addresses and ports for this virtual host

Tor hidden sites do not have real IP addresses

Explicit list of domains to manage only for IPv4

Whether to enable IPv4 connectivity.

Listen addresses and ports for this virtual host

Listen addresses and ports for this virtual host

The bind address used by seafile fileserver

The underlying network device on which the tunnel resides.

The time-to-live of the connection to the remote tunnel endpoint.

The IPv4 address to deploy the service to.

The vlan identifier

This is optional and is by default off, because most users will not need it

Periodically re-execute the wg utility every this many seconds in order to let WireGuard notice DNS / hostname changes

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

The name of this nylon instance.

The underlying network device on which the tunnel resides.

The time-to-live of the connection to the remote tunnel endpoint.

Interface name

List of IP addresses or network addresses that may connect to Polipo.

The address of the local endpoint which the remote side should send packets to.

When the dynamic endpoint refresh that is configured via dynamicEndpointRefreshSeconds exits (likely due to a failure), restart that service after this many seconds

Local port of the encapsulation UDP socket.

Name of the zone.

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

Name of the PPP peer.

The address of the local endpoint which the remote side should send packets to.

The address of the remote endpoint to forward traffic over.

Depending on the local firewall/NAT rules, you might need to force Miredo to use a fixed UDP port and or IPv4 address.

Network device to bind to.

Static IPv4 -> IPv6 host mappings.

"ignoreIP" can be a list of IP addresses, CIDR masks or DNS hosts

Local address (and optionally device) to bind to using the given port.

DEPRECATED, use driverOptions

Listen addresses and ports for this virtual host

The IP address ranges for which to perform NAT

Name of the image

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

The IPv6 address ranges for which to perform NAT

The address of the remote endpoint to forward traffic over.

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

Listen addresses and ports for this virtual host.

Listen addresses and ports for this virtual host.

Whether the bridge interface should enable rstp.

The underlying network device on which the tunnel resides.

The time-to-live/hoplimit of the connection to the remote tunnel endpoint.

Method to determine the IPv4 address to send to the dynamic DNS provider

IPv4 network in CIDR format to use for the entire flannel network

Listen addresses and ports for this virtual host

https_dns_proxy will by default use IPv6 and fail if it is not available

Optional configuration string for this interface.

DEPRECATED, use driverOptions

Address to bind to

Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic.

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

Local address to bind to

The endpoint name.

The IPv4 address that the server will use on the network

IPv4 address to listen on

Etcd unique node name.

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

The pool of IPv6 addresses which are used for translation.

The mode of the macvlan device.

The endpoint name.

Listen addresses for this virtual host

The address of the local endpoint which the remote side should send packets to.

Adds custom rules to the IPv4 scope table

The name of this systemd unit, including its extension

Listen addresses and ports for this virtual host.

Enable restrictions on the use of the well-known prefix (64:ff9b::/96) - prevents translation of non-global IPv4 ranges when using the well-known prefix

Name of the control, as it appears in alsamixer

Depending on the local firewall/NAT rules, you might need to force Miredo to use a fixed UDP port and or IPv4 address.

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Username for JSON-RPC connections.

Name of the PAM service.

The address of the remote endpoint to forward traffic over.

Host to bind to

Relay address (the local IP address that will be used to relay the packets to the peer)

The public ipv4 address of this relay

The name of this systemd unit, including its extension

Primary name for use (as a suffix) in:

• systemd service name,
• hardened user name and group,
• systemd *Directory= names,
• desktop application identification,

Primary name for use (as a suffix) in:

• systemd service name,
• hardened user name and group,
• systemd *Directory= names,
• desktop application identification,

Name of the worker

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

Name of the bridge interface that wpa_supplicant should listen at.

IP addresses to bind the listener to.

Interfaces to bind.

Protocol number of the encapsulated packets

Listen addresses for this virtual host

Listen addresses for this virtual host

Options for the bonding driver

Name i2pd appears in UPnP forwardings list.

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Listen addresses for this virtual host

Name of modem device, will be searched for in /dev.

The interface the vlan will transmit packets through.

The name of the underlying hardware WLAN device as assigned by udev.

List of hostname shortnames/IP addresses of the initial monitors.

Set UDP listening port range used by DHT(IPv4, IPv6) and UDP tracker.

Listen addresses for this virtual host

The name of the node which is used as an identifier when communicating with the remote nodes in the mesh

Listen addresses and ports for this virtual host.

Listen addresses and ports for this virtual host.

The address (IPv4, IPv6 or DNS) to listen on.

The name of this systemd unit, including its extension

An internet socket address to listen on, either IPv4 or IPv6.

The framework to use for attaching Jool's translation to the exist kernel packet processing rules

The name of the network interface to match against.

Specifies the Name of the Storage daemon.

Listen addresses for this virtual host

DEPRECATED, use driverOptions

An RKVM server's internet socket address, either IPv4 or IPv6.

The endpoint name.

The endpoint name.

Name of the runner to configure

Listen addresses for this virtual host

Whether to enable Shorewall IPv4 Firewall.

The friendly name you give to the network device

The friendly name you give to the network device

The IPv4 network that the server will use to allocate IPs on the network

Enable this table.

Table family.

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

Listen addresses for this virtual host

The framework to use for attaching Jool's translation to the exist kernel packet processing rules

List of additional peer IP addresses to add to the local list.

Whether to bind to nonlocal addresses and interfaces that are down

Database name.

Accept for client requests on the specified listen addresses.

Name for the device

The hostname or primary IPv4 address of the Teredo server

The IP address to bind to for IPv4

Name of the redis server

Listen addresses and ports for this virtual host.

Listen addresses for this virtual host

The endpoint name.

The endpoint name.

The name of the Helm chart

Either the raw pre-shared key in hexadecimal format or the name of the secret (as defined inside networking.wireless.secretsFile and prefixed with ext:) containing the network pre-shared key.

Listen addresses for this virtual host

A system user name for this client instance.

A system user name for this client instance.

The director name used by the system administrator

The client name that must be used by the Director when connecting

IP addresses of the other nodes.

Mail "from" name.

MeshID of interface with type mesh.

The table content.

Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858)

The type of the WLAN interface

What addresses and ports the server should listen on

Whitelist a list of address prefixes

Strip N bits from IPv6 addresses if lookupBySubnet is true

Peer addresses to initialize with on first run.

Keyboard name.

Database name.

OpenFlow rules to insert into the Open vSwitch

Addresses and ports on which kresd should provide DNS over HTTPS/2 (see RFC 8484)

Akkoma frontend name.

Force a specific wpa_supplicant driver.

Flags for interface of type monitor.

Addresses and/or ports on which tang should listen

The list of the email addresses of the listmasters (users authorized to perform global server commands).

The name of the host

The name of the Helm chart

Host, IPv4 or IPv6 address to listen to.

The name of the service to run

Log client IP addresses in the connection log.

Listen on all addresses rather than just loopback.

Address to bind to

List of comma delimited IP addresses that the agent should listen on.

Whether to enable 4-address mode with type managed.

The name of the agent as seen in the buildkite dashboard.

Agent name, usually same as the hostname

If set, this network block is used only when associating with the AP using the configured BSSID.

Command line arguments to add when executing wpa_supplicant.

The user's home directory.

The interface the macvlan will transmit packets through.

The name of the instance.

The network's pre-shared key in plaintext defaulting to being a network without any authentication.

Set this to true if the SSID of the network is hidden.

Font name, as used by fontconfig.

You could use this field to override the network's ssid

Listen addresses for this virtual host

Listen addresses for this virtual host

This tells pgmanage whether or not to set the listening socket to local addresses only.

Mail "reply-to" name.

Client IP addresses (or prefixes) from which to accept connections.

Name of the font to use for regreet.

Name of the redis server

Version of OpenFlow protocol to use when communicating with the switch internally (e.g. with openFlowRules).

Configuration options for wpa_supplicant.conf

The account UID

TCP addresses to run TCP relay.

Path to file that contain addresses of query peers

Use this option to configure advanced authentication methods like EAP

VLAN to which the network interface is connected.

The endpoint name.

Name is referenced in logs

Commands to manipulate the Open vSwitch database

The name to return in service discovery responses for the MUC service itself

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

External wpa_supplicant.conf configuration file

The user's home directory mode in numeric format

Name is used as a suffix for the service name, user, and group

Name of directory from which to import ZFS device, this is passed to zpool import as the value of the -d option

Whether to enable the Router Advertisement Daemon (radvd), which provides link-local advertisements of IPv6 router addresses and prefixes using the Neighbor Discovery Protocol (NDP)

List of addresses and ports to listen on (ListenAddress directive in config)

Listen addresses for this virtual host

The serial port to which your UPS is connected. /dev/ttyS0 is usually the first port on Linux boxes, for example.

List of comma delimited IP addresses that the trapper should listen on

Name of the rule.

Name of the theme to use for regreet.

Logs the IP addresses of incoming requests.

Name of the iSCSI initiator to boot from

Name of the machine when registering it at the central or local api.

A systemd service name to use (without .service suffix).

A systemd service name to use (without .service suffix).

The name of an explicit dtb to be loaded, relative to the dtb base

The user's primary group.

Path to files that contain addresses of store API servers

Specific IPv4 address to listen to.

The endpoint name.

The name of the mailbox.

The name of the service to run

Listen addresses for this virtual host

Name of the existing database.

Extra configuration lines appended to the network block

Proxy listen address (IPv6 literal addresses need to be enclosed in "[" and "]" characters)

List of domain names (FQDNs) to manage

Listening addresses or hostnames.

The name of the server

Automatically assign an IP address to the network interface using the same scheme as virtualisation.vlans.

The logical name of the Galera cluster

Name of the user to ensure.

If vhosts do not specify listen, use these addresses by default

List of comma delimited IP addresses that the trapper should listen on

IP to listen on. 0.0.0.0 for IPv4 only, * for all.

The list of interfaces to be moved into the container.

List of peer IP addresses to connect to and attempt to keep the connection open.

Whether to get IPv6 addresses from interfaces.

Name of the beat

Name of the wiki.

Name of the server.

The prefix for MAC addresses to use, without the trailing ':'

Database name.

Database name.

Database name.

Name of the icon theme to use for regreet.

The endpoint name.

The group GID

The list of hostnames and/or IP addresses from which the Mailman Web UI will accept requests

Name of this iscsi initiator

The database name

Whether to set the machine hostname based on the information received from the DHCP server.

Database name.

Whether to export names and IP addresses defined in /etc/hosts.

IP addresses Recursor DNS server will bind to.

Bind address

The address for the daemon to listen on

The name of this authentication provider

The name of this gateway as shown in firezone

The name of the cookie that the oauth_proxy creates.

Listen addresses for this virtual host

Configures the type of encapsulation.

Server name to be used for this virtual host

The IP address that Meilisearch will listen on

Name of ICMP pinging job.

Alternative listening port for UDP and TCP listeners; default (or zero) value means "listening port plus one"

Whether the configuration file at configFile.path should be written to by wpa_supplicant.

This option allows you to define vlan devices that tag packets on top of a physical interface

Destination port when using UDP encapsulation.

Strip the last N bits from IP addresses, determined by IPv4CIDR and IPv6CIDR

Allow binding to non local addresses.

The addresses for connecting the node to a cluster.

Database name, only used when the databse is created locally.

The advertised name for zeroconf discovery.

Log partial client IP addresses in the connection log.

The user's home directory.

Name of the redis server

The endpoint name.

Database name.

Database name.

Database name.

The user's home directory mode in numeric format

This option allows you to define bond devices that aggregate multiple, underlying networking interfaces together

The name of this actor

The name of this group

Addresses of public STUN services to use to automatically find the public and local addresses of this Jitsi-Videobridge instance without the need for manual configuration

First separator character in generated addresses

The list of authentication protocols accepted by this network

The name of the immich database.

The fully qualified domain name (FQDN) of this host

Specify the program to run to talk to this UPS. apcsmart, bestups, and sec are some examples.

The name of an existing user account under which the rsync process should run.

The name of the host in the network as well as the configuration for that host

List of peer IP addresses to connect to only

By default, all networks will get same priority group (0)

Whitelist a list of addresses, hostnames, or address blocks.

Database name

The name of the database to use for Wakapi.

Specify the controller targets

Name of the service.

List of list addresses that should be handled by Schleuder

The system domain name

Drive name without the full path.

Whether to publish user services

Database name.

The name of the device.

The account UID

Each prefix consists of either an IPv4 or IPv6 address, and the associated prefix length, delimited by a slash

Each prefix consists of either an IPv4 or IPv6 address, and the associated prefix length, delimited by a slash

name of the virtualhost

The name identifying the runner instance towards the Gitea/Forgejo instance.

Name of the cursor theme to use for regreet.

Whether to treat root servers (for @) as caching servers, requesting addresses the same way a client does

Text of this systemd unit.

The name of this client as shown in firezone

For an IPv6-based tunnel, the maximum number of nested encapsulation to allow. 0 means no nesting, "none" unlimited.

The name of this relay group

Adapter name that is used in the radicle-ci-broker configuration

Members of this group can control wpa_supplicant.

The list of nameservers

The name of an existing user group under which the rsync process should run.

Select the encapsulation type:

• 6in4: the IPv6 packets are encapsulated using the 6in4 protocol (formerly known as SIT, RFC 4213);

• gue: the IPv6 packets are encapsulated in UDP packets using the Generic UDP Encapsulation (GUE) scheme;

• foo: the IPv6 packets are encapsulated in UDP packets using the Foo over UDP (FOU) scheme.

Database name.

Database name.

The user's primary group.

The name of this server.

Name of this overlay

Creating multiple WLAN interfaces on top of one physical WLAN device (NIC)

PostgreSQL database name

Source port when using UDP encapsulation

Address to listen on

The IPv4 address of the host.

Lines which would be added inside ups.conf for handling this UPS.

The name of this gateway as shown in firezone

IPv6 prefix length

Database name.

Server name.

Directory of sockets for controlling wpa_supplicant.

The name of this systemd unit, including its extension

Supported versions to enable on this switch.

Only listen to incoming requests on specific IP/host

The port on which to listen and send IPv4 broadcast announcements to.

Name of the existing database (has no effect if type is "sqlite").

Either the fully qualified domain name (FQDN), or just the host name if it does not exist

The name of this gateway group

Name of the local AutoSSH session

Configure listen addresses and ports for ftpd.

The IPv4 address on the guest VLAN.

A list of addresses and ports on which to listen.

Addresses of statically configured Thanos API servers (repeatable)

The name of this resource

Name of symlink

Domain to fetch certificate for (defaults to the entry name).

The relay server IP addresses or DNS names of the RustDesk relay.

When using the SLiRP user networking (default), this option allows to forward ports to/from the host/guest.

When set to something distinct to null NSD is able to collect statistics per zone

The group GID

The path to the user's shell

Server CoAP listen address

Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli

IP addresses or subnets allowed to call the periphery API

Text of this systemd unit.

User to run the cgit service as.

This option allows you to define Ethernet bridge devices that connect physical networks together

The flake reference from is rewritten to

If set to false, the user account will not be created

The name of the wrapper program

Configure listen addresses and ports for httpd.

Configure listen addresses and ports for sftpd.

Database name.

Database name.

Database name.

Database name.

Database name.

Database name.

Database name.

Database name.

Add the necessary actions for a upsmon process to work

Bind port for ‹name› endpoint.

Name of symlink (relative to /etc)

Attributes for user's entry in pam_mount.conf.xml

Start the specified units when this unit is started.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

The addresses to send outgoing mail to.

The name of the dawarich database.

MySQL database name.

Database name for FreshRSS.

Name of the satellite.

The flake input from is rewritten to.

The name of services's user

Each attribute of this option defines a systemd service that runs hans

List of IP addresses to query as recursive DNS resolvers.

Name of the game as it will appear in the game listing.

Bind port for ‹name› endpoint.

The user's auxiliary groups.

Node name

The account name

A list of valid fully-qualified domain names (FQDNs) and/or IP addresses that can be used to reach the NetBox service.

The name of the file or block device that should be used as header for the encrypted device.

Name of the beat

Path to encrypted luks device that contains the user's home directory.

Name of the modifier.

You need to set it to the IP from which your reverse proxy sends requests to Mastodon's web process, otherwise Mastodon will record the reverse proxy's own IP as the IP of all requests, which would be bad because IP addresses are used for important rate limits and security functions.

The name of the file (can be a raw device or a partition) that should be used as the decryption key for the encrypted device

Database name.

Local addresses to which the server binds.

Where to mount this dataset.

TLS options for virtual host

IPv6 address to bind to

The specified name-string gives the system file name of the storage device managed by this storage daemon

If vhosts do not specify listenAddresses, use these addresses by default

The flake reference to be rewritten

Port number Go Ethereum will be listening on, both TCP and UDP.

If the specified units are started at the same time as this unit, delay this unit until they have started.

APIs to enable over WebSocket

Upstream resolver(s) to use as fallback for non-loki addresses

Listen addresses for incoming connections

Group to run the cgit service as.

Whether to create the home directory and ensure ownership as well as permissions to match the user.

Database name.

Frontend server interface binding specification as either a host:port pair or a unix domain docket

S3 bucket name to use for HTTP-01 based challenges

Format: [AXFR|UDP] <ip-address> <key-name | NOKEY>

Target node name on the IBM TSM server.

A path which will be scanned for repositories.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Start the specified units when this unit is started.

Name of this virtual host

The nickname of this Tahoe node.

Path to the directory storing the hooks

Database name.

Database name.

Configure listen addresses and ports for webdavd.

Action to take when a virus is detected

What port to listen for client requests, default is 1080.

ACME options for virtual host.

HTTP options for virtual host

Name of the PCM card to control (slave).

Rename nodes to different name.

Discourse database name.

Send the XCLIENT command to the receiving server, for forwarding client addresses and connection information if the receiving server supports this feature.

Start the specified units when this unit is started.

Start the specified units when this unit is started.

Allow the user to do certain things with upsd

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Port number of Go Ethereum HTTP API.

Whether to enable ‹name›.

FROM address that overrides the built-in sharing-noreply and lostpassword-noreply FROM addresses

Name of the symlink (relative to /var/lib/rancher/k3s/server/manifests)

cgit repository settings, see cgitrc(5)

SSID to be used in IEEE 802.11 management frames.

DNS full-qualified domain name of a database server

DNS full-qualified domain name of a database server

Replace any existing runner with the same name

IP addresses or hostnames of all nodes in the cluster, including this node

Whether to enable ‹name›.

Subordinate group ids that user is allowed to use

Subordinate user ids that user is allowed to use

Each attribute of this option defines a systemd service that runs iodine

The type of the device.

VirtualHost to serve cgit on, defaults to the attribute name.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Username

If the specified units are started at the same time as this unit, delay this unit until they have started.

Name of the remote read config, which if specified must be unique among remote read configs

The name of the first admin user.

Database name.

Whether to enable cgit.

The name of the database to create.

Path to a certificate signing request to apply when fetching the certificate.

The addresses of hosts designated as contact points in the cluster

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Dedicated mail domain used for ephemeral SRS envelope addresses

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

The user names of the group members, added to the /etc/group file.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Name of Google storage bucket

Interface name

Name of the model to download and use for speech synthesis

The upstream provider to use or custom in case you do not trust any of the predefined providers or just want to use your own

Blockchain garbage collection mode.

Whether to enable hub instance.

Automatically allocate subordinate user and group ids for this user

Members of this group can access the control socket for this interface.

The path to the user's shell

The name of this client as shown in firezone

Name of the symlink (relative to /var/lib/rancher/rke2/server/manifests)

Count of subordinate user ids

Count of subordinate group ids

If set to false, the user account will not be created

Override the default TLS port for this virtual host.

Name of the remote write config, which if specified must be unique among remote write configs

Interface to use when method is iface.

Hash, with md5, client names and MAC addresses

Whether the SSID is to be interpreted using UTF-8 encoding.

Aliases of that unit.

Aliases of that unit.

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

DEPRECATED, use driverOptions

Whether to enable Go Ethereum Node.

Additional arguments passed to Go Ethereum.

Attributes for user's entry in pam_mount.conf.xml

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Start the specified units when this unit is started.

Start the specified units when this unit is started.

Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).

This option allows you to define Open vSwitches that connect physical networks together

Name of the user to ensure.

Name of the kernel module that provides the card.

SRS tag separator used in generated sender addresses

Set the host address for this virtual host

Name of modem configuration file, will be searched for in config in the spooling area directory.

Path to the private key to the matching certificate signing request.

The user's auxiliary groups.

List of addresses, one for each ring.

ID of the user in initrd.

Backup type as described in: https://pgbackrest.org/command.html#command-backup/category-command/option-type

Database name.

Database name.

Name of database.

Path to encrypted luks device that contains the user's home directory.

List of target IP ranges, use empty list for any

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Bind address for ‹name› endpoint.

Local secret key in hexadecimal form.

A list of valid fully-qualified domain names (FQDNs) and/or IP addresses that can be used to reach the Froide-Govplan service.

Database name.

static: Immediately answer any Neighbor Solicitation Messages (if they match the IP rule). iface: Forward the Neighbor Solicitation Message through the specified interface and only respond if a matching Neighbor Advertisement Message is received. auto: Same as iface, but instead of manually specifying the outgoing interface, check for a matching route in /proc/net/ipv6_route.

Name of the PostgreSQL database.

The name of the Linkwarden database.

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Whether to enable TLS support.

The name of the machine

Root directory for requests.

Group running the ACME client.

Database name to use when connecting to an external or manually provisioned database; has no effect when a local database is automatically provisioned

Whether the luksOpen will be attempted before LVM scan or after it.

Override the default HTTP port for this virtual host.

If enabled, spacecookie will hide personal information of users like IP addresses from log output.

The name of the host in the network as well as the configuration for that host

The name of the Grafana database.

Local Mattermost database name.

Name of the PCM device to control (slave).

Set name to shared memory zone.

The node name of the device

The node name of the device

Bind address for ‹name› endpoint.

Whether the from reference needs to match exactly

The relationship with upsd

Output DPI configuration.

Start the specified units when this unit is started.

Start the specified units when this unit is started.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

The object to make available inside the initrd.

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Name of the homebridge UI platform

The actual zone data

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Whether to create the home directory and ensure ownership as well as permissions to match the user.

This is the name that will be displayed by NetworkManager and GUIs.

Name of the MySQL database that holds EPGStation's data.

Name of the beat

Output resolution.

Output framerate.

Location of the host path to be mounted.

Port to listen on (applies to all listen addresses).

Whether to enable DNSSEC.

Path of the source file.

Adds index directive.

Alias directory for requests.

Verify peer certificate

Verify peer certificate

Instance name.

Aliases of that unit.

Aliases of that unit.

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

Remove /etc/hosts entries for "127.0.0.2" and "::1" defined in nixos/modules/config/networking.nix Regionservers must be able to resolve their hostnames to their IP addresses, through PTR records or /etc/hosts entries.

The set of packages that should be made available to the user

Zone file resource records contain columns of data, separated by whitespace, that define the record.

Username from upsd.users for accessing this UPS

A program name specifying a Postfix service/daemon process

Output video display controller.

Name of the printer / printer queue

A list of valid fully-qualified domain names (FQDNs) and/or IP addresses that can be used to reach the peering manager service.

If true, the user's shell will be set to users.defaultUserShell.

This can be set as a global variable above your first UPS definition and it can also be set in a UPS section

The cgit package to use.

The geth package to use.

Uhub plugin configuration.

Adds DirectoryIndex directive

Alias directory for requests

Enables nylon as a running service upon activation.

Whether to enable Go Ethereum HTTP API.

Aliases of that unit.

Aliases of that unit.

Levels (minimum value for logged events): 0 = verbose debugging 1 = debugging 2 = informational messages 3 = notification 4 = warning

Adds try_files directive.

Marks the server as a backup server

Isolate traffic between stations (clients) and prevent them from communicating with each other.

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Keeps the specified running while this unit is running

Wireguard address of this peer (a single IP address, multiple addresses or address ranges are not supported).

Interfaces for which to start wpa_supplicant

ID of the group in initrd.

Output gamma configuration.

Start of the range of subordinate user ids that user is allowed to use.

Start of the range of subordinate group ids that user is allowed to use.

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Optional PKCS#11 module name.

A list of email addresses to send certificate updates to.

The device to update.

Disable running fsck on this filesystem.

Vertical scaling factor/pixels.

Horizontal scaling factor/pixels.

Password HMAC-SHA-256 for JSON-RPC connections

How to name the created archives

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Start the specified units when this unit is started.

Start the specified units when this unit is started.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Subordinate user ids that user is allowed to use

Subordinate group ids that user is allowed to use

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Directory for the ACME challenge, which is public

Label of the unlocked encrypted device

Whether to enable this PPP peer.

Port to bind the TTS server to.

User account under which this pool runs.

The domain name to collect stats for.

Remote public key in hexadecimal form.

Name of this virtual host

A system group name for this client instance.

A system group name for this client instance.

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Adds a return directive, for e.g. redirections.

Local name of the IBM TSM server, must not contain space or more than 64 chars.

Determine whether the mounted path will be accessed in read-only mode.

Optional PKCS#11 module name.

A systemd service name to use (without .service suffix).

A systemd service name to use (without .service suffix).

Each attribute in this set specifies an option in the [Unit] section of the unit

Each attribute in this set specifies an option in the [Path] section of the unit

User name of file owner

The path to the user's shell in initrd.

Group the user belongs to in initrd.

Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.

Master=false means slave server

Limit retry time for secondary zones.

Whether to enable this RAUC slot.

Label for this destination

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

DNS full-qualified domain name of a database server

The user names of the group members, added to the /etc/group file.

Path to the file which contains the actual base64 encoded key

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

Enables HTTP/3 over QUIC on the UDP port for TLS

The network to connect to

Whether to enable the output.

Output rotate configuration.

Automatically allocate subordinate user and group ids for this user

Name of the homebridge

The name of the database to store data in.

Environment variables used for this PHP-FPM pool.

Count of subordinate group ids

Count of subordinate user ids

A system group name for this client instance.

A system group name for this client instance.

Key type to use for private keys

Tunnel type.

Aliases of that unit.

Aliases of that unit.

Set the date on which the user's account will no longer be accessible

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Keeps the specified running while this unit is running

These lines go to the end of cgitrc verbatim.

Shell commands executed to stop the service.

Adds DirectoryIndex directive

Alias directory for requests

Adds uwsgi_pass directive and sets recommended proxy headers if recommendedUwsgiSettings is enabled.

Adds proxy_pass directive and sets recommended proxy headers if recommendedProxySettings is enabled.

The database name.

Server name to verify the hostname on the returned gRPC certificates

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Specify the log file name

List of IP addresses this server is advertised under

Enable logging, default is no logging.

Mount point on the container file system.

Path of the underlying encrypted block device.

Commands to run after new certificates go live

The ID of the sound card

Location of hardware kiss tnc for this interface.

Optional PKCS#11 module name.

Tunnel type.

Text of the file.

Email address for account creation and correspondence from the CA

Minimum remaining validity before renewal in days.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Name of the tun device

Configuration for this host

Start the specified units when this unit is started.

Keeps the specified running while this unit is running

Keeps the specified running while this unit is running

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

Group name of file owner

When or how often the backup should run

A list of host names and/or IP numbers used for accessing the host's ssh service

Basic Auth protection for a vhost

Name shown in the website title and on the front page.

Keyset used for tunnel identity.

Group account under which this pool runs.

Units that want (i.e. depend on) this unit

Database name to connect to

Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704

Each attribute in this set specifies an option in the [Path] section of the unit

Each attribute in this set specifies an option in the [Unit] section of the unit

Port number of Go Ethereum metrics service.

Listen address of Go Ethereum HTTP API.

pppd configuration for this peer, see the pppd(8) man page.

A short description of the user account, typically the user's full name

Indicates whether this is an account for a “real” user

A program name specifying a Postfix service/daemon process

The database engine name

Whether to enable the filesystem mount.

Source directories.

Guaranteed minimum hops for ‹name› tunnels.

Aliases of that unit.

Aliases of that unit.

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

The serial port speed of this interface.

A list of one or more units that are activated when this unit enters the "inactive" state.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Units that want (i.e. depend on) this unit

These lines go to the end of the location verbatim.

These lines go to the end of the location verbatim.

The port on which the tub will listen

The port on which the Web server will listen

Keyset used for tunnel identity.

List of configuration directives for this UPS.

The full path to a file that contains the user's (clear text) password

Indicates if the user is a system user or not

Domain name

Port number of Go Ethereum Auth RPC API.

Whether to offload computation onto a CUDA compatible GPU.

Whether output should be marked as primary

Root directory for requests.

Output scaling method.

Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.

Optional slot number of the token that stores the certificate.

Name of the voice model to use

Dataset name to send snapshots to.

Guaranteed minimum hops for ‹name› tunnels.

The user as which to run bitcoind.

Blockchain sync mode.

Maximum peers to connect to.

The Flake URI of the NixOS configuration to use for the container

The packaged Helm chart

UUID of the stratis pool that the fs is located in

This is only relevant if you are using stratis.

The specified name-string must be the generic SCSI device name of the autochanger that corresponds to the normal read/write Archive Device specified in the Device resource

Each attribute in this set specifies an option in the [Exec] section of this unit

Each attribute in this set specifies an option in the [Unit] section of the unit

Each attribute in this set specifies an option in the [Unit] section of the unit

Shell commands executed to stop the service.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

The ID of your hook

GVPE node name

The option to use this LUKS device with a GPG encrypted luks password by the GPG Smartcard

Name of the class implementing the check

Let the user initiate specific instant commands

If the specified units are started at the same time as this unit, delay this unit until they have started.

Source of the plugin package or path

The location of the Drupal files directory.

The set of packages that should be made available to the user

The path to repo in local machine

Shell commands executed after the service's main process has exited.

If true, the user's shell will be set to users.defaultUserShell.

Service port

When to run the job.

Optional slot number of the token that stores the certificate.

Alias directory for requests.

Adds index directive.

The name of the Stash Box

The location of the Drupal site state directory.

Start the specified units when this unit is started.

Hash, with md5, client names and MAC addresses

Controls how long a valid or invalid entry remains in the cache, in milliseconds.

Keeps the specified running while this unit is running

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are started at the same time as this unit, delay them until this unit has started.

Keeps the specified running while this unit is running

When you have multiple UPSes on your system, you usually need to turn them off in a certain order. upsdrvctl shuts down all the 0s, then the 1s, 2s, and so on

Override the default port on which to listen for connections.

Contents of the PAM service file.

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

Packages added to the service's PATH environment variable

Name shown in the server list.

Extra configuration to be appended to awstats.${name}.conf.

Absolute path to the certificate to load

Shell commands executed before the service's main process is started.

Put the host-side of the veth-pair into the named bridge

Path to world folder containing the dimension to render

List of servers for inclusion in stub and secondary zones.

The IP interface to bind to. null means "all interfaces".

Identifier of the UPS to monitor, in this form: <upsname>[@<hostname>[:<port>]] See upsmon.conf for details.

Start of the range of subordinate group ids that user is allowed to use.

Start of the range of subordinate user ids that user is allowed to use.

Legacy RSA public key of the host in PEM format, including start and end markers

Output position

The data directory for bitcoind.

When or how often the backup should run

Blacklist an attacker when its score exceeds threshold

Aliases of that unit.

Aliases of that unit.

Name that will be shown to the user.

Adds try_files directive.

cgit configuration, see cgitrc(5)

Configuration of uhub

Which local IP to bind the UDP socket to.

Enable unlocking and mounting of encrypted ZFS home dataset at login.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Name of a file containing the spiped key

A name for the drive

The address on which to accept FastCGI requests.

The certificate profile to choose if the CA offers multiple profiles.

Custom name of this poller.

Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.

Extra lines to add to the tinc service configuration file

Location of bitcoind pid file.

If set to false, this unit will be a symlink to /dev/null

If set to false, this unit will be a symlink to /dev/null

The kimai package to use.

The tahoelafs package to use.

Name of the user to log in

These lines go to the end of the location verbatim.

Each attribute in this set specifies an option in the [Unit] section of the unit

Each attribute in this set specifies an option in the [Unit] section of the unit

The group of the wrapper program.

The group as which to run bitcoind.

The owner of the wrapper program.

Basic Auth password file for a vhost

Common name attribute of allowed peer certificates

Common name attribute of allowed peer certificates

Text of the file.

Text of the file.

Absolute path to the certificate to load

The name of the module

Source ZFS dataset

Shell commands executed as the service's main process.

Whether to enable Drupal web application.

Extra arguments to pass to the server commandline.

Whether to enable Coqui TTS server.

Specifies the number of retries for failed notifies

If the specified units are started at the same time as this unit, delay this unit until they have started.

Name of the class implementing the check

Text of the file.

Each attribute in this set specifies an option in the [Slice] section of the unit

Each attribute in this set specifies an option in the [Files] section of this unit

The packaged Helm chart

Automatically retrieve listen addresses from the Yggdrasil router configuration

Guaranteed minimum hops for ‹name› tunnels.

Optional slot number of the token that stores the certificate.

Type of the file system

Override the default port on which to listen for JSON-RPC connections.

Shell commands executed after the service's main process has exited.

Keeps the specified running while this unit is running

Keeps the specified running while this unit is running

The IPv6 address assigned to the host interface. (Not used when hostBridge is set.)

Append Yggdrasil router configuration with listeners on loopback addresses (127.0.0.1) and preselected ports to support peering using client-server protocols like quic and tls

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

PostgreSQL host for operating remotely.

Configuration for MPD

Attribute set of NetBird client daemons, by default each one will:

1. be manageable using dedicated tooling:

• netbird-<name> script,
• NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),

2. run as a netbird-<name>.service,
3. listen for incoming remote connections on the port 51820 (openFirewall by default),
4. manage the netbird-<name> wireguard interface,
5. use the /var/lib/netbird-/config.json configuration file,
6. override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
7. (hardened) be locally manageable by netbird-<name> system group,

With following caveats:

• multiple daemons will interfere with each other's DNS resolution of netbird.cloud, but should remain fully operational otherwise

Whether to enable the filesystem mount.

Whether to enable proxy for this bucket

As which user the backup should run.

Path to the Public Key.

add will additionally listen for TLS connections. only will disable TLS connections. force will redirect non-TLS traffic to the TLS connection.

The subnets which this tinc daemon will serve

Additional global flags to pass to all lego commands.

Adds a return directive, for e.g. redirections.

Shell commands executed after the service's main process is started.

Shell commands executed when the service's main process is reloaded.

The name of a .desktop file in the directory specified in the 'package' option.

Language of the environment

Guaranteed minimum hops for ‹name› tunnels.

IP of the Redis master

Order of this location block in relation to the others in the vhost

Order of this location block in relation to the others in the vhost

Hex-encoded CKA_ID or handle of the certificate on a token or TPM, respectively

Number of power supplies that the UPS feeds on this system

Packages added to the service's PATH environment variable

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

Name of the runner group to add this runner to (defaults to the default runner group)

A short description of the user account, typically the user's full name

The name of the user for this authelia instance.

The name the camera will show up as.

Configure unit start rate limiting

The connection type defines the connection kind, like vpn, wireguard, gsm, wifi and more.

Errbot backend name.

This is the absolute path to the plugin executable.

Set maximum cache size

Extra zone config to be appended at the end of the zone section.

Shell commands executed before the service's main process is started.

Whether to ask Let’s Encrypt to sign a certificate for this virtual host

Path to file containing local secret key in binary or hexadecimal form.

If the specified units are started at the same time as this unit, delay them until this unit has started.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Limit retry time for secondary zones

Which slot on the YubiKey to challenge.

Whether to enable SFTP service.

Set the date on which the user's account will no longer be accessible

Station MAC address -based authentication

Whether to operate in tun (IP) or tap (Ethernet) mode.

The port on which the SFTP server will listen

The name of your network of sr.ht-based sites.

Output scale configuration

Additional flags to pass to lego run.

List of virtual hostnames from which to accept requests.

IP address of server running hans

The location for users to install Drupal themes.

Limit refresh time for secondary zones.

Limit on the number of simultaneous connections allowed.

If set to false, this unit will be a symlink to /dev/null

If set to false, this unit will be a symlink to /dev/null

List of address ranges allowed to query this zone

If set, root doesn't need to authenticate (e.g. for the useradd service).

Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.

Adds uwsgi_pass directive and sets recommended proxy headers if recommendedUwsgiSettings is enabled.

Adds proxy_pass directive and sets recommended proxy headers if recommendedProxySettings is enabled.

Determines how multiple values are joined to create the claim value

Specifies the clear text password for the account

Aliases of that unit.

Each attribute in this set specifies an option in the [Unit] section of the unit

Each attribute in this set specifies an option in the [Unit] section of the unit

Type of the file system

Each attribute in this set specifies an option in the [Timer] section of the unit

Whether to show the message of the day.

Hex-encoded CKA_ID or handle of the certificate on a token or TPM, respectively

Absolute path to the certificate to load

Owner's name.

Name of the heat source.

Each attribute of this option defines a systemd service that runs an OpenVPN instance

File or block device to export.

Location to serve cgit under.

Path of the source file.

Settings for this slot.

Address to which spiped should connect.

Location of the backing encrypted device.

Whether to enable Go Ethereum prometheus metrics.

RPC user information for JSON-RPC connections.

IP and port to which this redis instance acts as a slave.

Shell commands executed as the service's main process.

Hostname alias(es).

Username for this DDNS provider.

DDNS server name.

The TCP port to accept connections

Each attribute in this set specifies an option in the [Slice] section of the unit

Whether to enable the HTTP/3 protocol

Specifies if TLS should be enabled

Specifies if TLS should be enabled

The user as which to run blockbook-frontend-‹name›.

If set, the OATH Toolkit will be used.

Keeps the specified running while this unit is running