| systemd.targets.<name>.wants | Start the specified units when this unit is started.
|
| services.autorandr.profiles.<name>.config.<name>.mode | Output resolution.
|
| services.autorandr.profiles.<name>.config.<name>.rate | Output framerate.
|
| services.mpd.dbFile | The path to MPD's database
|
| swapDevices.*.size | If this option is set, ‘device’ is interpreted as the
path of a swapfile that will be created automatically
with the indicated size in MiB (1024×1024 bytes).
|
| services.homebridge.uiSettings.name | Name of the homebridge UI platform
|
| hardware.printers.ensurePrinters.*.name | Name of the printer / printer queue
|
| services.pretalx.settings.database.name | Database name.
|
| systemd.user.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| fileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| systemd.sockets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.targets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.nginx.virtualHosts.<name>.locations.<name>.alias | Alias directory for requests.
|
| services.nginx.virtualHosts.<name>.locations.<name>.index | Adds index directive.
|
| services.epgstation.database.name | Name of the MySQL database that holds EPGStation's data.
|
| services.metricbeat.settings.name | Name of the beat
|
| services.ndppd.proxies.<name>.rules.<name>.method | static: Immediately answer any Neighbor Solicitation Messages
(if they match the IP rule).
iface: Forward the Neighbor Solicitation Message through the specified
interface and only respond if a matching Neighbor Advertisement
Message is received.
auto: Same as iface, but instead of manually specifying the outgoing
interface, check for a matching route in /proc/net/ipv6_route.
|
| services.hadoop.yarn.nodemanager.openFirewall | Open firewall ports for nodemanager
|
| services.keycloak.database.name | Database name to use when connecting to an external or
manually provisioned database; has no effect when a local
database is automatically provisioned
|
| services.grafana.settings.database.name | The name of the Grafana database.
|
| services.kanidm.unixSettings.hsm_pin_path | Path to a HSM pin.
|
| services.hedgedoc.settings.urlPath | URL path for the website
|
| systemd.units.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.timers.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| systemd.slices.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| systemd.user.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.timers.<name>.wants | Start the specified units when this unit is started.
|
| services.autorandr.profiles.<name>.config.<name>.crtc | Output video display controller.
|
| users.extraUsers.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| services.borgbackup.jobs.<name>.archiveBaseName | How to name the created archives
|
| systemd.user.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| nix.registry.<name>.exact | Whether the from reference needs to match exactly
|
| services.confd.confDir | The path to the confd configs.
|
| services.coder.tlsCert | The path to the TLS certificate.
|
| services.ttyd.caFile | SSL CA file path for client certificate verification.
|
| services.rustus.url | url path for uploads
|
| services.ttyd.certFile | SSL certificate file path.
|
| systemd.mounts.*.what | Absolute path of device node, file or other resource. (Mandatory)
|
| services.dawarich.database.host | Hostname or address of the postgresql server
|
| services.httpd.virtualHosts.<name>.locations.<name>.index | Adds DirectoryIndex directive
|
| services.httpd.virtualHosts.<name>.locations.<name>.alias | Alias directory for requests
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.module | Optional PKCS#11 module name.
|
| services.hadoop.yarn.nodemanager.resource.memoryMB | Amount of physical memory, in MB, that can be allocated for containers.
|
| systemd.slices.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.timers.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| services.kanidm.unix.settings.hsm_pin_path | Path to a HSM pin.
|
| services.geth.<name>.package | The geth package to use.
|
| services.cgit.<name>.package | The cgit package to use.
|
| services.uhub.<name>.plugins | Uhub plugin configuration.
|
| services.nginx.virtualHosts.<name>.locations.<name>.tryFiles | Adds try_files directive.
|
| services.bacula-fd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| services.bacula-sd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| services.stash.settings.scrapers_path | Path to scrapers
|
| systemd.timers.<name>.aliases | Aliases of that unit.
|
| systemd.slices.<name>.aliases | Aliases of that unit.
|
| users.users.<name>.useDefaultShell | If true, the user's shell will be set to
users.defaultUserShell.
|
| fileSystems.<name>.encrypted.label | Label of the unlocked encrypted device
|
| services.hostapd.radios.<name>.networks.<name>.apIsolate | Isolate traffic between stations (clients) and prevent them from
communicating with each other.
|
| services.h2o.hosts.<name>.host | Set the host address for this virtual host
|
| users.users.<name>.packages | The set of packages that should be made available to the user
|
| services.quicktun.<name>.publicKey | Remote public key in hexadecimal form.
Not needed when services.quicktun..protocol is set to raw.
|
| services.nginx.upstreams.<name>.servers.<name>.backup | Marks the server as a backup server
|
| services.nylon.<name>.enable | Enables nylon as a running service upon activation.
|
| services.multipath.devices.*.no_path_retry | Specify what to do when all paths are down
|
| services.autorandr.profiles.<name>.config.<name>.gamma | Output gamma configuration.
|
| security.acme.certs.<name>.group | Group running the ACME client.
|
| services.hostapd.radios.<name>.networks.<name>.logLevel | Levels (minimum value for logged events):
0 = verbose debugging
1 = debugging
2 = informational messages
3 = notification
4 = warning
|
| systemd.targets.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.sockets.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.h2o.hosts.<name>.tls.port | Override the default TLS port for this virtual host.
|
| systemd.sockets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.targets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.step-ca.intermediatePasswordFile | Path to the file containing the password for the intermediate
certificate private key.
Make sure to use a quoted absolute path instead of a path literal
to prevent it from being copied to the globally readable Nix
store.
|
| services.hydra.logo | Path to a file containing the logo of your Hydra instance.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.module | Optional PKCS#11 module name.
|
| services.znapzend.zetup.<name>.destinations.<name>.label | Label for this destination
|
| systemd.user.slices.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.timers.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.netbird.clients | Attribute set of NetBird client daemons, by default each one will:
- be manageable using dedicated tooling:
netbird-<name> script,NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),
- run as a
netbird-<name>.service,
- listen for incoming remote connections on the port
51820 (openFirewall by default),
- manage the
netbird-<name> wireguard interface,
- use the /var/lib/netbird-/config.json configuration file,
- override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
- (
hardened) be locally manageable by netbird-<name> system group,
With following caveats:
- multiple daemons will interfere with each other's DNS resolution of
netbird.cloud, but
should remain fully operational otherwise
|
| fileSystems.<name>.autoFormat | If the device does not currently contain a filesystem (as
determined by blkid), then automatically
format it with the filesystem type specified in
fsType
|
| environment.etc.<name>.user | User name of file owner
|
| boot.initrd.extraFiles.<name>.source | The object to make available inside the initrd.
|
| programs.tsmClient.servers.<name>.servername | Local name of the IBM TSM server,
must not contain space or more than 64 chars.
|
| users.users.<name>.subGidRanges.*.startGid | Start of the range of subordinate group ids that user is
allowed to use.
|
| users.users.<name>.subUidRanges.*.startUid | Start of the range of subordinate user ids that user is
allowed to use.
|
| boot.initrd.systemd.users.<name>.uid | ID of the user in initrd.
|
| services.mpd.settings | Configuration for MPD
|
| systemd.user.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.user.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.bitcoind.<name>.rpc.users.<name>.passwordHMAC | Password HMAC-SHA-256 for JSON-RPC connections
|
| services.nsd.zones.<name>.dnssec | Whether to enable DNSSEC.
|
| services.nginx.virtualHosts.<name>.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.multipath.enable | Whether to enable the device mapper multipath (DM-MP) daemon.
|
| services.hostapd.radios.<name>.networks.<name>.macDeny | Specifies the MAC addresses to deny if macAcl is set to "deny" or "radius"
|
| services.awstats.configs.<name>.domain | The domain name to collect stats for.
|
| systemd.user.units.<name>.aliases | Aliases of that unit.
|
| services.fedimintd.<name>.nginx.config.serverName | Name of this virtual host
|
| networking.vlans.<name>.id | The vlan identifier
|
| services.murmur.sslKey | Path to your SSL key.
|