| services.h2o.hosts.<name>.acme.enable | Whether to ask Let’s Encrypt to sign a certificate for this
virtual host
|
| systemd.services.<name>.preStart | Shell commands executed before the service's main process
is started.
|
| services.drupal.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.bitcoind.<name>.dataDir | The data directory for bitcoind.
|
| services.pgbackrest.stanzas.<name>.jobs.<name>.schedule | When or how often the backup should run
|
| services.bitcoind.<name>.rpc.port | Override the default port on which to listen for JSON-RPC connections.
|
| systemd.user.services.<name>.postStop | Shell commands executed after the service's main process
has exited.
|
| users.extraUsers.<name>.subGidRanges.*.startGid | Start of the range of subordinate group ids that user is
allowed to use.
|
| users.extraUsers.<name>.subUidRanges.*.startUid | Start of the range of subordinate user ids that user is
allowed to use.
|
| services.tahoe.nodes.<name>.sftpd.enable | Whether to enable SFTP service.
|
| services.tinc.networks.<name>.hostSettings.<name>.rsaPublicKey | Legacy RSA public key of the host in PEM format, including start and
end markers
|
| services.cgit.<name>.settings | cgit configuration, see cgitrc(5)
|
| services.uhub.<name>.settings | Configuration of uhub
|
| services.restic.backups.<name>.user | As which user the backup should run.
|
| services.tahoe.nodes.<name>.sftpd.port | The port on which the SFTP server will listen
|
| services.sourcehut.settings."sr.ht".site-name | The name of your network of sr.ht-based sites.
|
| containers.<name>.bindMounts.<name>.mountPoint | Mount point on the container file system.
|
| security.acme.certs.<name>.extraLegoFlags | Additional global flags to pass to all lego commands.
|
| services.jupyter.kernels.<name>.language | Language of the environment
|
| services.authelia.instances.<name>.user | The name of the user for this authelia instance.
|
| services.v4l2-relayd.instances.<name>.cardLabel | The name the camera will show up as.
|
| boot.loader.grub.users.<name>.password | Specifies the clear text password for the account
|
| services.errbot.instances.<name>.backend | Errbot backend name.
|
| systemd.user.services.<name>.path | Packages added to the service's PATH
environment variable
|
| systemd.user.sockets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.user.targets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.bitcoind.<name>.pidFile | Location of bitcoind pid file.
|
| systemd.paths.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.sourcehut.settings."sr.ht".owner-name | Owner's name.
|
| security.auditd.plugins.<name>.path | This is the absolute path to the plugin executable.
|
| services.nginx.proxyCachePath.<name>.maxSize | Set maximum cache size
|
| services.pid-fan-controller.settings.heatSources.*.name | Name of the heat source.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.nbd.server.exports.<name>.path | File or block device to export.
|
| services.bind.zones.<name>.extraConfig | Extra zone config to be appended at the end of the zone section.
|
| systemd.user.services.<name>.preStart | Shell commands executed before the service's main process
is started.
|
| services.rke2.autoDeployCharts.<name>.package | The packaged Helm chart
|
| security.wrappers.<name>.group | The group of the wrapper program.
|
| security.wrappers.<name>.owner | The owner of the wrapper program.
|
| services.bitcoind.<name>.group | The group as which to run bitcoind.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.file | Absolute path to the certificate to load
|
| services.inadyn.settings.custom.<name>.ddns-server | DDNS server name.
|
| services.nginx.virtualHosts.<name>.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.bacula-sd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.bacula-fd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| systemd.services.<name>.script | Shell commands executed as the service's main process.
|
| services.nsd.zones.<name>.maxRetrySecs | Limit retry time for secondary zones
|
| environment.etc.<name>.text | Text of the file.
|
| systemd.paths.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.units.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.prometheus.exporters.rtl_433.ids.*.name | Name to match.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.slot | Optional slot number of the token that stores the certificate.
|
| systemd.nspawn.<name>.filesConfig | Each attribute in this set specifies an option in the
[Files] section of this unit
|
| systemd.slices.<name>.sliceConfig | Each attribute in this set specifies an option in the
[Slice] section of the unit
|
| boot.initrd.systemd.contents.<name>.text | Text of the file.
|
| services.geth.<name>.authrpc.vhosts | List of virtual hostnames from which to accept requests.
|
| services.hans.clients.<name>.server | IP address of server running hans
|
| security.acme.certs.<name>.extraLegoRunFlags | Additional flags to pass to lego run.
|
| services.drupal.sites.<name>.themesDir | The location for users to install Drupal themes.
|
| services.spiped.config.<name>.maxConns | Limit on the number of simultaneous connections allowed.
|
| services.nsd.zones.<name>.minRefreshSecs | Limit refresh time for secondary zones.
|
| services.h2o.hosts.<name>.tls.identity | Key / certificate pairs for the virtual host.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk | Key policy for zone signing keys
|
| services.nsd.zones.<name>.dnssecPolicy.ksk | Key policy for key signing keys
|
| services.i2pd.inTunnels.<name>.inbound.quantity | Number of simultaneous ‹name› tunnels.
|
| security.pam.services.<name>.rootOK | If set, root doesn't need to authenticate (e.g. for the
useradd service).
|
| services.pgbackrest.stanzas.<name>.instances.<name>.host | PostgreSQL host for operating remotely.
|
| services.bind.zones.<name>.allowQuery | List of address ranges allowed to query this zone
|
| systemd.targets.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.sockets.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.user.paths.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.kanidm.provision.systems.oauth2.<name>.claimMaps.<name>.joinType | Determines how multiple values are joined to create the claim value
|
| boot.specialFileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| services.nix-store-gcs-proxy.<name>.enable | Whether to enable proxy for this bucket
|
| systemd.user.units.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.user.paths.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.services.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| services.hostapd.radios.<name>.networks.<name>.macDenyFile | Specifies a file containing the MAC addresses to deny if macAcl is set to "deny" or "radius"
|
| security.pam.services.<name>.showMotd | Whether to show the message of the day.
|
| services.github-runners.<name>.runnerGroup | Name of the runner group to add this runner to (defaults to the default runner group)
|
| users.extraUsers.<name>.description | A short description of the user account, typically the
user's full name
|
| systemd.services.<name>.postStart | Shell commands executed after the service's main process
is started.
|
| systemd.services.<name>.reload | Shell commands executed when the service's main process
is reloaded.
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets | The subnets which this tinc daemon will serve
|
| containers.<name>.flake | The Flake URI of the NixOS configuration to use for the container
|
| services.neo4j.ssl.policies.<name>.privateKey | The name of private PKCS #8 key file for this policy to be found
in the baseDirectory, or the absolute path to
the key file
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.cgit.<name>.nginx.location | Location to serve cgit under.
|
| services.rspamd.locals.<name>.source | Path of the source file.
|
| services.rauc.slots.<name>.*.settings | Settings for this slot.
|
| services.spiped.config.<name>.target | Address to which spiped should connect.
|
| services.httpd.virtualHosts.<name>.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.nginx.virtualHosts.<name>.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.redis.servers.<name>.slaveOf.port | port of the Redis master
|
| services.inadyn.settings.custom.<name>.hostname | Hostname alias(es).
|
| services.inadyn.settings.custom.<name>.username | Username for this DDNS provider.
|
| fileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| services.bitcoind.<name>.rpc.users | RPC user information for JSON-RPC connections.
|
| services.geth.<name>.metrics.enable | Whether to enable Go Ethereum prometheus metrics.
|
| services.redis.servers.<name>.slaveOf | IP and port to which this redis instance acts as a slave.
|