| systemd.units.<name>.text | Text of this systemd unit.
|
| systemd.user.units.<name>.text | Text of this systemd unit.
|
| services.rspamd.locals.<name>.text | Text of the file.
|
| environment.etc.<name>.text | Text of the file.
|
| services.asusd.auraConfigs.<name>.text | Text of the file.
|
| programs.neovim.runtime.<name>.text | Text of the file.
|
| security.pam.services.<name>.text | Contents of the PAM service file.
|
| boot.initrd.systemd.contents.<name>.text | Text of the file.
|
| services.sympa.settingsFile.<name>.text | Text of the file.
|
| services.rspamd.overrides.<name>.text | Text of the file.
|
| systemd.shutdownRamfs.contents.<name>.text | Text of the file.
|
| virtualisation.credentials.<name>.text | Text content of the credential
|
| services.asusd.animeConfig.text | Text of the file.
|
| services.asusd.asusdConfig.text | Text of the file.
|
| services.bacula-sd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| services.bacula-fd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| services.bacula-sd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| services.bacula-fd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| services.asusd.fanCurvesConfig.text | Text of the file.
|
| services.asusd.userLedModesConfig.text | Text of the file.
|
| services.asusd.profileConfig.text | Text of the file.
|
| services.murmur.textMsgLength | Max length of text messages
|
| services.openssh.authorizedKeysFiles | Specify the rules for which files to read on the host
|
| services.nginx.virtualHosts.<name>.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.bacula-sd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.bacula-fd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.fedimintd.<name>.nginx.config.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.davis.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.slskd.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.movim.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.bacula-sd.director.<name>.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-fd.director.<name>.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.snipe-it.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.akkoma.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.fluidd.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.gancio.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.monica.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.matomo.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.pgbackrest.stanzas.<name>.settings | An attribute set of options as described in:
https://pgbackrest.org/configuration.html
All options can be used
|
| services.kanboard.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.dolibarr.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.librenms.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.agorakit.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.fediwall.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.pixelfed.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.mainsail.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.postgresql.systemCallFilter | Configures the syscall filter for postgresql.service
|
| services.filebeat.inputs | Inputs specify how Filebeat locates and processes input data
|
| services.radicle.httpd.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.bacula-sd.director.<name>.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.bacula-fd.director.<name>.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.anuko-time-tracker.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.bookstack.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.bacula-sd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.bacula-fd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.jirafeau.nginxConfig.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.zabbixWeb.nginx.virtualHost.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.metricbeat.modules | Metricbeat modules are responsible for reading metrics from the various sources
|
| networking.tempAddresses | Whether to enable IPv6 Privacy Extensions for interfaces not
configured explicitly in
networking.interfaces._name_.tempAddress
|
| services.openssh.authorizedKeysInHomedir | Enables the use of the ~/.ssh/authorized_keys file
|
| services.filebeat.modules | Filebeat modules provide a quick way to get started
processing common log formats
|
| services.syncthing.overrideFolders | Whether to delete the folders which are not configured via the
folders option
|
| services.nncp.daemon.socketActivation.listenStreams | TCP sockets to bind to
|
| services.limesurvey.nginx.virtualHost.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.misskey.reverseProxy.webserver.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.matrix-synapse.log | Default configuration for the loggers used by matrix-synapse and its workers
|
| power.ups.users.<name>.passwordFile | The full path to a file that contains the user's (clear text)
password
|
| services.airsonic.contextPath | The context path, i.e., the last part of the Airsonic
URL
|
| services.subsonic.contextPath | The context path, i.e., the last part of the Subsonic
URL
|
| boot.loader.grub.users.<name>.password | Specifies the clear text password for the account
|
| services.murmur.welcometext | Welcome message for connected clients.
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| boot.loader.grub.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the account
|
| services.sharkey.settings.fulltextSearch.provider | Which provider to use for full text search
|
| services.crowdsec.localConfig.contexts | A list of additional contexts to specify
|
| services.tor.settings.WarnPlaintextPorts | See torrc manual.
|
| services.bacula-sd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| services.bacula-fd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| services.nginx.virtualHosts.<name>.basicAuth | Basic Auth protection for a vhost
|
| nix.extraOptions | Additional text appended to nix.conf.
|
| services.prometheus.scrapeConfigs.*.label_name_length_limit | Per-scrape limit on length of labels name that will be accepted for a sample
|
| services.tor.settings.RejectPlaintextPorts | See torrc manual.
|
| services.sourcehut.settings."hg.sr.ht".srhtext | Path to the srht mercurial extension
(defaults to where the hgsrht code is)
|
| services.redis.servers.<name>.requirePass | Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.redis.servers.<name>.masterAuth | If the master is password protected (using the requirePass configuration)
it is possible to tell the slave to authenticate before starting the replication synchronization
process, otherwise the master will refuse the slave request.
(STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.nginx.virtualHosts.<name>.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| programs.tsmClient.servers.<name>.inclexcl | Text lines with include.* and exclude.* directives
to be used when sending files to the IBM TSM server,
or an absolute path pointing to a file with such lines.
|
| services.umurmur.settings.welcometext | Welcome message for connected clients.
|
| services.davis.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.slskd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.movim.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.snipe-it.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.gancio.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.nginx.config.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.wordpress.sites.<name>.extraConfig | Any additional text to be appended to the wp-config.php
configuration file
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| boot.plymouth.font | Font file made available for displaying text on the splash screen.
|
| users.users.<name>.password | Specifies the (clear text) password for the user
|
| services.fediwall.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.kanboard.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.librenms.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.dolibarr.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.agorakit.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.mainsail.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.pixelfed.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| programs.vim.enable | Whether to enable Vi IMproved, an advanced text editor.
|
| services.printing.cups-pdf.instances.<name>.confFileText | This will contain the contents of cups-pdf.conf for this instance, derived from settings
|
| services.radicle.httpd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.anuko-time-tracker.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| users.extraUsers.<name>.password | Specifies the (clear text) password for the user
|
| services.bookstack.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.jirafeau.nginxConfig.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| programs.nano.enable | Whether to enable nano, a small user-friendly console text editor.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.ntp.extraConfig | Additional text appended to ntp.conf.
|
| services.mosquitto.listeners.*.users.<name>.password | Specifies the (clear text) password for the MQTT User.
|
| services.maddy.ensureCredentials.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the user.
|
| security.sudo.extraConfig | Extra configuration text appended to sudoers.
|
| services.dae.config | WARNING: This option will expose store your config unencrypted world-readable in the nix store
|
| security.sudo-rs.extraConfig | Extra configuration text appended to sudoers.
|
| programs.xonsh.config | Extra text added to the end of /etc/xonsh/xonshrc,
the system-wide control file for xonsh.
|
| services.vault.extraConfig | Extra text appended to vault.hcl.
|
| services.nextcloud.settings.mail_send_plaintext_only | Email will be sent by default with an HTML and a plain text body
|
| services.wyoming.faster-whisper.servers.<name>.initialPrompt | Optional text to provide as a prompt for the first window
|
| services.mosquitto.listeners.*.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the MQTT user
|
| services.grafana.settings.users.login_hint | Text used as placeholder text on login page for login/username input.
|
| services.athens.basicAuthPass | Password for basic auth
|
| services.limesurvey.nginx.virtualHost.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.agate.language | RFC 4646 Language code for text/gemini documents.
|
| services.gitweb.extraConfig | Verbatim configuration text appended to the generated gitweb.conf file.
|
| services.solanum.motd | Solanum MOTD text
|
| security.doas.extraConfig | Extra configuration text appended to doas.conf
|
| programs.ssh.extraConfig | Extra configuration text prepended to ssh_config
|
| services.teeworlds.motd | The server's message of the day text.
|
| services.davis.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.movim.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.syncplay.motdFile | Path to text to display when users join
|
| services.slskd.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.monero.banlist | Path to a text file containing IPs to block
|
| services.snipe-it.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.weblate.extraConfig | Text to append to settings.py Weblate configuration file.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| programs.tsmClient.dsmSysText | This configuration key contains the effective text
of the client system-options file "dsm.sys"
|
| services.moodle.extraConfig | Any additional text to be appended to the config.php
configuration file
|
| services.athens.githubToken | Creates .netrc file with the given token to be used for GitHub
|
| services.gancio.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.syslogd.extraConfig | Additional text appended to syslog.conf,
i.e. the contents of defaultConfig.
|
| services.monica.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.xonotic.appendConfig | Literal text to insert at the end of server.cfg.
|
| services.syncplay.motd | Text to display when users join
|
| boot.loader.grub.splashImage | Background image used for GRUB
|
| services.openntpd.extraConfig | Additional text appended to openntpd.conf.
|
| services.grafana.settings.users.password_hint | Text used as placeholder text on login page for password input.
|
| services.jitsi-meet.extraConfig | Text to append to config.js web application config file
|
| services.athens.storage.s3.token | Token for the S3 storage backend
|
| services.terraria.messageOfTheDay | Set the server message of the day text.
|
| services.xonotic.prependConfig | Literal text to insert at the start of server.cfg.
|
| services.charybdis.motd | Charybdis MOTD text
|
| services.lavalink.password | The password for Lavalink's authentication in plain text.
|
| services.rsyslogd.extraConfig | Additional text appended to syslog.conf,
i.e. the contents of defaultConfig.
|
| services.athens.storage.gcp.jsonKey | Base64 encoded GCP service account key
|
| services.cloudlog.extraConfig | Any additional text to be appended to the config.php
configuration file
|
| services.vault.listenerExtraConfig | Extra text appended to the listener section.
|
| services.athens.storage.s3.secret | Secret key for the S3 storage backend
|
| services.snmpd.configText | The contents of the snmpd.conf
|
| services.prometheus.alertmanager.configText | Alertmanager configuration as YAML text
|
| services.librenms.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.agorakit.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.dolibarr.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.kanboard.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.fediwall.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.mainsail.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.pixelfed.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.greetd.useTextGreeter | Whether the greeter uses text-based user interfaces (For example, tuigreet)
|
| services.postfix.enableSmtp | Whether to enable the smtp service configured in the master.cf
|
| services.sogo.configReplaces | Replacement-filepath mapping for sogo.conf
|
| services.radicle.httpd.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.mediawiki.extraConfig | Any additional text to be appended to MediaWiki's
LocalSettings.php configuration file
|
| services.anuko-time-tracker.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.athens.index.mysql.password | Password for the MySQL database
|
| services.athens.storage.minio.secret | Secret key for the minio storage backend
|
| services.bookstack.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.xonotic.settings.sv_motd | Text displayed when players join the server.
|
| services.postgrey.greylistText | Response status text for greylisted messages; use %%s for seconds left until greylisting is over and %%r for mail domain of recipient
|
| services.bird-lg.frontend.navbar.allServers | Text of 'All server' button in the navigation bar.
|
| services._3proxy.usersFile | Load users and passwords from this file
|
| services.jirafeau.nginxConfig.basicAuth | Basic Auth protection for a vhost
|
| services.prometheus.configText | If non-null, this option defines the text that is written to
prometheus.yml
|
| services.zabbixWeb.nginx.virtualHost.basicAuth | Basic Auth protection for a vhost
|
| services.zitadel.settings.TLS.Cert | The TLS certificate, as a base64-encoded string
|
| services.zitadel.settings.TLS.Key | The TLS certificate private key, as a base64-encoded string
|
| documentation.doc.enable | Whether to install documentation distributed in packages' /share/doc
|
| services.immich.database.enableVectorChord | Whether to enable the new VectorChord extension for full-text search in Postgres.
|
| services.komodo-periphery.passkeys | Passkeys required to access the periphery API
|
| services.athens.index.postgres.password | Password for the Postgres database
|
| services.athens.singleFlight.redis.password | Password for the redis server
|
| services.suricata.settings.stats | Engine statistics such as packet counters, memory use counters and others can be logged in several ways
|
| boot.loader.grub.timeoutStyle |
menu shows the menu.countdown uses a text-mode countdown.hidden hides GRUB entirely
|
| services.hylafax.userAccessFile | The hosts.hfaxd
file entry in the spooling area
will be symlinked to the location given here
|
| networking.tcpcrypt.enable | Whether to enable opportunistic TCP encryption
|
| services.nitter.preferences.bidiSupport | Support bidirectional text (makes clicking on tweets harder).
|
| services.vsftpd.userDbPath | Only applies if enableVirtualUsers is true
|
| environment.wordlist.lists | A set with the key names being the environment variable you'd like to
set and the values being a list of paths to text documents containing
lists of words
|
| services.karakeep.meilisearch.enable | Enable Meilisearch and configure Karakeep to use it
|
| services.athens.storage.azureblob.accountKey | Account key for the Azure Blob storage backend
|
| services.pinnwand.settings.paste_help | Raw HTML help text shown in the header area.
|
| services.limesurvey.nginx.virtualHost.basicAuth | Basic Auth protection for a vhost
|
| services.postfix.enableSubmission | Whether to enable the `submission` service configured in master.cf
|
| services.crossfire-server.configFiles | Text to append to the corresponding configuration files
|
| services.mastodon.elasticsearch.host | Elasticsearch host
|
| services.misskey.reverseProxy.webserver.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.vault.extraSettingsPaths | Configuration files to load besides the immutable one defined by the NixOS module
|
| services.dendrite.settings.sync_api.search.enabled | Whether to enable Dendrite's full-text search engine.
|
| boot.loader.limine.style.graphicalTerminal.foreground | Text foreground color (RRGGBB).
|
| boot.loader.limine.style.graphicalTerminal.background | Text background color (TTRRGGBB)
|
| services.athens.singleFlight.redisSentinel.sentinelPassword | Password for the sentinel server
|
| boot.loader.limine.style.graphicalTerminal.brightForeground | Text foreground bright color (RRGGBB).
|
| boot.loader.limine.style.graphicalTerminal.brightBackground | Text background bright color (RRGGBB).
|
| services.prometheus.exporters.pve.configFile | Path to the service's config file
|
| documentation.man.mandoc.settings.output.indent | Number of blank characters at the left margin for normal text,
default of 5 for mdoc(7) and 7 for
man(7)
|
| services.prometheus.exporters.pve.environmentFile | Path to the service's environment file
|
| services.jellyfin.transcoding.enableSubtitleExtraction | Embedded subtitles can be extracted from videos and delivered to clients in plain text, in order to help prevent video transcoding
|
| services.prometheus.exporters.idrac.configurationPath | Path to the service's config file
|
| services.grafana.provision.alerting.templates.settings.templates.*.template | Alerting with a custom text template
|
| services.prometheus.exporters.mail.configuration.servers | List of servers that should be probed.
Note: if your mailserver has rspamd(8) configured,
it can happen that emails from this exporter are marked as spam
|