| services.rke2.autoDeployCharts.<name>.package | The packaged Helm chart
|
| services.openvpn.servers.<name>.authUserPass.username | The username to store inside the credentials file.
|
| services.i2pd.outTunnels.<name>.inbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.awstats.configs.<name>.type | The type of log being collected.
|
| services.bird-lg.frontend.nameFilter | Protocol names to hide in summary tables (RE2 syntax),
|
| services.netbird.clients | Attribute set of NetBird client daemons, by default each one will:
- be manageable using dedicated tooling:
netbird-<name> script,NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),
- run as a
netbird-<name>.service,
- listen for incoming remote connections on the port
51820 (openFirewall by default),
- manage the
netbird-<name> wireguard interface,
- use the /var/lib/netbird-/config.json configuration file,
- override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
- (
hardened) be locally manageable by netbird-<name> system group,
With following caveats:
- multiple daemons will interfere with each other's DNS resolution of
netbird.cloud, but
should remain fully operational otherwise
|
| services.bitcoind.<name>.dbCache | Override the default database cache size in MiB.
|
| systemd.user.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.sympa.domains.<name>.webHost | Domain part of the web interface URL (no web interface for this domain if null)
|
| services.xserver.xkb.extraLayouts.<name>.typesFile | The path to the xkb types file
|
| services.dokuwiki.sites.<name>.acl.*.page | Page or namespace to restrict
|
| services.drupal.sites.<name>.configSyncDir | The location of the Drupal config sync directory.
|
| services.tahoe.nodes.<name>.client.helper | The furl for a Tahoe helper node
|
| services.kubernetes.kubelet.hostname | Kubernetes kubelet hostname override.
|
| services.iodine.clients.<name>.relay | DNS server to use as an intermediate relay to the iodined server
|
| services.kimai.sites.<name>.database.user | Database user.
|
| services.guacamole-server.host | The host name or IP address the server should listen to.
|
| security.pam.services.<name>.pamMount | Enable PAM mount (pam_mount) system to mount filesystems on user login.
|
| services.ndppd.proxies.<name>.interface | Listen for any Neighbor Solicitation messages on this interface,
and respond to them according to a set of rules
|
| services.sympa.settingsFile.<name>.text | Text of the file.
|
| systemd.user.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| systemd.user.services.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.ax25.axports.<name>.window | Default window size for this interface.
|
| services.uhub.<name>.plugins.*.plugin | Path to plugin file.
|
| systemd.user.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.timers.<name>.wants | Start the specified units when this unit is started.
|
| services.github-runners.<name>.runnerGroup | Name of the runner group to add this runner to (defaults to the default runner group)
|
| services.autorandr.profiles.<name>.config.<name>.scale | Output scale configuration
|
| services.bacula-sd.director.<name>.tls | TLS Options for the Director in this Configuration.
|
| services.bacula-fd.director.<name>.tls | TLS Options for the Director in this Configuration.
|
| services.jupyter.kernels.<name>.argv | Command and arguments to start the kernel.
|
| services.bepasty.servers.<name>.bind | Bind address to be used for this server.
|
| services.netbird.clients.<name>.port | Port the NetBird client listens on.
|
| services.netbird.tunnels.<name>.port | Port the NetBird client listens on.
|
| services.homebridge.uiSettings.log.service | Name of the systemd service to log to
|
| boot.initrd.luks.devices.<name>.preLVM | Whether the luksOpen will be attempted before LVM scan or after it.
|
| services.keyd.keyboards.<name>.ids | Device identifiers, as shown by keyd(1).
|
| services.udp-over-tcp.tcp2udp.<name>.fwmark | If given, sets the SO_MARK option on the TCP socket.
|
| services.udp-over-tcp.udp2tcp.<name>.fwmark | If given, sets the SO_MARK option on the TCP socket.
|
| services.quicktun.<name>.privateKeyFile | Path to file containing local secret key in binary or hexadecimal form.
Not needed when services.quicktun..protocol is set to raw.
|
| services.httpd.virtualHosts.<name>.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.nginx.virtualHosts.<name>.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.kimai.sites.<name>.database.port | Database host port.
|
| services.cjdns.ETHInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.cjdns.UDPInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| security.acme.certs.<name>.csrKey | Path to the private key to the matching certificate signing request.
|
| services.rspamd.locals.<name>.enable | Whether this file locals should be generated
|
| services.geth.<name>.websocket.apis | APIs to enable over WebSocket
|
| services.pid-fan-controller.settings.heatSources.*.name | Name of the heat source.
|
| users.groups.<name>.members | The user names of the group members, added to the
/etc/group file.
|
| systemd.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.paths.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.services.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.file | Absolute path to the certificate to load
|
| security.pam.services.<name>.p11Auth | If set, keys listed in
~/.ssh/authorized_keys and
~/.eid/authorized_certificates
can be used to log in with the associated PKCS#11 tokens.
|
| services.ndppd.proxies.<name>.rules | This is a rule that the target address is to match against
|
| hardware.alsa.cardAliases.<name>.driver | Name of the kernel module that provides the card.
|
| services.i2pd.inTunnels.<name>.accessList | I2P nodes that are allowed to connect to this service.
|
| services.drupal.sites.<name>.modulesDir | The location for users to install Drupal modules.
|
| services.openvpn.servers.<name>.down | Shell commands executed when the instance is shutting down.
|
| services.public-inbox.inboxes.<name>.url | URL where this inbox can be accessed over HTTP.
|
| services.ax25.axports.<name>.paclen | Default maximum packet size for this interface.
|
| services.ax25.axports.<name>.enable | Whether to enable Enables the axport interface.
|
| power.ups.upsmon.monitor.<name>.type | The relationship with upsd
|
| services.authelia.instances.<name>.group | The name of the group for this authelia instance.
|
| services.fedimintd.<name>.p2p.port | Port to bind on for p2p connections from peers (both TCP and UDP)
|
| services.fedimintd.<name>.p2p.bind | Address to bind on for p2p connections from peers (both TCP and UDP)
|
| services.archisteamfarm.bots.<name>.username | Name of the user to log in
|
| users.users.<name>.autoSubUidGidRange | Automatically allocate subordinate user and group ids for this user
|
| services.quicktun.<name>.localPort | Local UDP port.
|
| services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| users.extraUsers.<name>.shell | The path to the user's shell
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.api.url | Public URL of the API address of the reverse proxy/tls terminator
|
| services.drupal.sites.<name>.poolConfig | Options for the Drupal PHP pool
|
| services.prometheus.exporters.rtl_433.ids.*.name | Name to match.
|
| systemd.user.paths.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| services.drupal.sites.<name>.phpOptions | Options for PHP's php.ini file for this Drupal site.
|
| services.geth.<name>.metrics.address | Listen address of Go Ethereum metrics service.
|
| services.nginx.proxyCachePath.<name>.enable | Whether to enable this proxy cache path entry.
|
| services.xserver.displayManager.lightdm.greeters.gtk.theme.name | Name of the theme to use for the lightdm-gtk-greeter.
|
| services.postfix.settings.main.myhostname | The internet hostname of this mail system
|
| virtualisation.interfaces.<name>.name | Interface name
|
| services.tarsnap.archives.<name>.printStats | Print global archive statistics upon completion
|
| services.nix-store-gcs-proxy.<name>.address | The address of the proxy.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.slot | Optional slot number of the token that stores the certificate.
|
| services.xserver.displayManager.lightdm.greeters.slick.font.name | Name of the font to use.
|
| services.openvpn.servers | Each attribute of this option defines a systemd service that
runs an OpenVPN instance
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.alias | Alias directory for requests
|
| users.extraUsers.<name>.enable | If set to false, the user account will not be created
|
| users.users.<name>.subUidRanges.*.count | Count of subordinate user ids
|
| users.users.<name>.subGidRanges.*.count | Count of subordinate group ids
|