| services.spiped.config.<name>.timeout | Timeout, in seconds, after which an attempt to connect to
the target or a protocol handshake will be aborted (and the
connection dropped) if not completed
|
| services.redis.servers.<name>.appendOnly | By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.tahoe.nodes.<name>.tub.location | The external location that the node should listen on
|
| services.nginx.virtualHosts.<name>.kTLS | Whether to enable kTLS support
|
| services.dovecot2.imapsieve.mailbox.*.name | This setting configures the name of a mailbox for which administrator scripts are configured
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|
| services.firewalld.zones.<name>.rules | Rich rules for the zone.
|
| services.restic.backups.<name>.package | The restic package to use.
|
| services.i2pd.outTunnels.<name>.outbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.kubernetes.kubelet.taints.<name>.key | Key of taint.
|
| services.homebridge.settings.platforms.*.name | Name of the platform
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.prefixLength | The prefix length of the subnet
|
| services.frp.instances.<name>.role | The frp consists of client and server
|
| security.acme.certs.<name>.s3Bucket | S3 bucket name to use for HTTP-01 based challenges
|
| services.redis.servers.<name>.appendFsync | How often to fsync the append-only log, options: no, always, everysec.
|
| services.rss2email.feeds.<name>.to | Email address to which to send feed items
|
| security.pam.services.<name>.yubicoAuth | If set, users listed in
~/.yubico/authorized_yubikeys
are able to log in with the associated Yubikey tokens.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.github-runners.<name>.user | User under which to run the service
|
| services.ghostunnel.servers.<name>.allowDNS | Allow client if DNS subject alternative name appears in the list.
|
| services.ghostunnel.servers.<name>.allowURI | Allow client if URI subject alternative name appears in the list.
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.email | The email address used to authenticate as this account
|
| services.kanidm.provision.persons.<name>.legalName | Full legal name
|
| services.prosody.virtualHosts.<name>.ssl.cert | Path to the certificate file.
|
| services.rke2.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| services.rspamd.overrides.<name>.text | Text of the file.
|
| services.restic.backups.<name>.paths | Which paths to backup, in addition to ones specified via
dynamicFilesFrom
|
| systemd.user.services.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.jupyter.kernels.<name>.logo32 | Path to 32x32 logo png.
|
| services.jupyter.kernels.<name>.logo64 | Path to 64x64 logo png.
|
| services.nginx.virtualHosts.<name>.listen.*.ssl | Enable SSL.
|
| services.bitcoind.<name>.extraConfig | Additional configurations to be appended to bitcoin.conf.
|
| services.httpd.virtualHosts.<name>.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| services.wordpress.sites.<name>.extraConfig | Any additional text to be appended to the wp-config.php
configuration file
|
| security.pam.services.<name>.usshAuth | If set, users with an SSH certificate containing an authorized principal
in their SSH agent are able to log in
|
| programs.tsmClient.servers.<name>.nodename | Target node name on the IBM TSM server.
|
| services.znapzend.zetup.<name>.destinations.<name>.plan | The znapzend backup plan to use for the source
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.adapter | The auth adapter type
|
| services.rke2.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| security.pam.services.<name>.ttyAudit.enable | Enable or disable TTY auditing for specified users
|
| services.netbird.tunnels.<name>.dir.state | A state directory used by NetBird client to store config.json, state.json & resolv.conf.
|
| services.netbird.clients.<name>.dir.state | A state directory used by NetBird client to store config.json, state.json & resolv.conf.
|
| systemd.user.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.inadyn.settings.provider.<name>.hostname | Hostname alias(es).
|
| services.inadyn.settings.provider.<name>.username | Username for this DDNS provider.
|
| systemd.user.paths.<name>.wants | Start the specified units when this unit is started.
|
| services.sanoid.datasets.<name>.yearly | Number of yearly snapshots.
|
| services.sympa.settingsFile.<name>.source | Path of the source file.
|
| services.nebula.networks.<name>.enable | Enable or disable this network.
|
| services.sanoid.datasets.<name>.hourly | Number of hourly snapshots.
|
| services.drupal.sites.<name>.privateFilesDir | The location of the Drupal private files directory.
|
| services.openvpn.servers.<name>.autoStart | Whether this OpenVPN instance should be started automatically.
|
| services.tahoe.introducers.<name>.nickname | The nickname of this Tahoe introducer.
|
| services.tahoe.nodes.<name>.sftpd.accounts.file | Path to the accounts file.
|
| services.public-inbox.inboxes.<name>.watch | Paths for public-inbox-watch(1) to monitor for new mail.
|
| services.udp-over-tcp.tcp2udp.<name>.threads | Sets the number of worker threads to use
|
| services.drupal.sites.<name>.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.drupal.sites.<name>.virtualHost.hostName | Canonical hostname for the server.
|
| services.quicktun.<name>.timeWindow | Allowed time window for first received packet in seconds (positive number allows packets from history)
|
| services.xserver.xkb.extraLayouts.<name>.symbolsFile | The path to the xkb symbols file
|
| services.netbird.clients.<name>.ui.enable | Controls presence of netbird-ui wrapper for this NetBird client.
|
| services.netbird.tunnels.<name>.ui.enable | Controls presence of netbird-ui wrapper for this NetBird client.
|
| services.keepalived.vrrpScripts.<name>.group | Name of group to run the script under
|
| services.fedimintd.<name>.nginx.config.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses.*.address | The external IP address or hostname where the host can be reached.
|
| hardware.alsa.controls.<name>.card | Name of the PCM card to control (slave).
|
| services.headscale.settings.database.postgres.name | Database name.
|
| services.znapzend.zetup.<name>.sendDelay | Specify delay (in seconds) before sending snaps to the destination
|
| services.nylon.<name>.bindInterface | Tell nylon which interface to use as an uplink, default is "enp3s0f0".
|
| services.wyoming.piper.servers.<name>.piper | The piper-tts package to use.
|
| services.neo4j.ssl.policies.<name>.clientAuth | The client authentication stance for this policy.
|
| services.xserver.displayManager.lightdm.greeters.gtk.theme.name | Name of the theme to use for the lightdm-gtk-greeter.
|
| services.wyoming.piper.servers.<name>.useCUDA | Whether to accelerate the underlying onnxruntime library with CUDA.
|
| services.nginx.virtualHosts.<name>.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| systemd.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| systemd.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.timers.<name>.wants | Start the specified units when this unit is started.
|
| services.xserver.displayManager.lightdm.greeters.slick.font.name | Name of the font to use.
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| power.ups.users.<name>.actions | Allow the user to do certain things with upsd
|
| services.dokuwiki.sites.<name>.package | The dokuwiki package to use.
|
| services.znapzend.zetup.<name>.dataset | The dataset to use for this source.
|
| systemd.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.rollPeriod | How frequently to change keys
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.rollPeriod | How frequently to change keys
|
| services.tahoe.nodes.<name>.client.shares.needed | The number of shares required to reconstitute a file.
|
| services.httpd.virtualHosts.<name>.listen.*.ssl | Whether to enable SSL (https) support.
|
| services.restic.backups.<name>.exclude | Patterns to exclude when backing up
|
| services.nsd.zones.<name>.allowAXFRFallback | If NSD as secondary server should be allowed to AXFR if the primary
server does not allow IXFR.
|
| services.davis.nginx.locations.<name>.root | Root directory for requests.
|
| services.movim.nginx.locations.<name>.root | Root directory for requests.
|
| services.slskd.nginx.locations.<name>.root | Root directory for requests.
|
| services.honk.servername | The server name.
|
| services.akkoma.initDb.username | Name of the database user to initialise the database with
|
| services.inadyn.settings.custom.<name>.ssl | Whether to use HTTPS for this DDNS provider.
|
| security.pam.services.<name>.setLoginUid | Set the login uid of the process
(/proc/self/loginuid) for auditing
purposes
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|