| services.fediwall.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| networking.nat.forwardPorts | List of forwarded ports from the external interface to
internal destinations by using DNAT
|
| services.dependency-track.database.passwordFile | The path to a file containing the database password.
|
| services.grafana.provision.alerting.policies.path | Path to YAML notification policies configuration
|
| programs.chromium.defaultSearchProviderSearchURL | Chromium default search provider url.
|
| services.hadoop.yarn.nodemanager.resource.maximumAllocationMB | The maximum physical memory any container can be allocated.
|
| services.corosync.nodelist.*.ring_addrs | List of addresses, one for each ring.
|
| boot.initrd.systemd.users | Users to include in initrd.
|
| services.grafana.provision.dashboards.settings.providers.*.type | Dashboard provider type.
|
| services.grafana.settings.server.enable_gzip | Set this option to true to enable HTTP compression, this can improve transfer speed and bandwidth utilization
|
| services.autorandr.profiles.<name>.config.<name>.primary | Whether output should be marked as primary
|
| services.canaille.settings.CANAILLE_SQL.DATABASE_URI | The SQL server URI
|
| services.govee2mqtt.enable | Whether to enable Govee2MQTT.
|
| services.httpd.extraConfig | Configuration lines appended to the generated Apache
configuration file
|
| services.i2pd.inTunnels.<name>.port | Bind port for ‹name› endpoint.
|
| services.imaginary.settings | Command line arguments passed to the imaginary executable, stripped of
the prefix -
|
| services.journald.gateway.merge | Serve entries interleaved from all available journals, including other
machines
|
| services.asusd.userLedModesConfig.text | Text of the file.
|
| services.beszel.agent.openFirewall | Whether to open the firewall port (default 45876).
|
| services.forgejo.settings.server.PROTOCOL | Listen protocol. +unix means "over unix", not "in addition to."
|
| services.keepalived.extraGlobalDefs | Extra lines to be added verbatim to the 'global_defs' block of the
configuration file
|
| programs.fish.loginShellInit | Shell script code called during fish login shell initialisation.
|
| services.grocy.settings.calendar.firstDayOfWeek | Which day of the week (0=Sunday, 1=Monday etc.) should be the
first day.
|
| services.homepage-dashboard.openFirewall | Open ports in the firewall for Homepage.
|
| hardware.facter.detected.networking.intel._3945ABG.enable | Whether to enable the Facter Intel 3945ABG module.
|
| services.gitlab.registry.port | GitLab container registry port.
|
| services.healthchecks.settings.SECRET_KEY_FILE | Path to a file containing the secret key.
|
| services.jupyter.password | Password to use with notebook
|
| hardware.graphics.package32 | The package that provides the 32-bit driver set
|
| services.anuko-time-tracker.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.firefly-iii.settings | Options for firefly-iii configuration
|
| services.jellyfin.hardwareAcceleration.device | Path to the hardware acceleration device that Jellyfin should use
|
| boot.initrd.systemd.tmpfiles.settings | Similar to systemd.tmpfiles.settings but the rules are
only applied by systemd-tmpfiles before initrd-switch-root.target
|
| fileSystems.<name>.encrypted.blkDev | Location of the backing encrypted device.
|
| power.ups.ups.<name>.description | Description of the UPS.
|
| programs.evince.package | The evince package to use.
|
| security.pam.services.<name>.limits.*.domain | Username, groupname, or wildcard this limit applies to
|
| services.cocoon.environmentFiles | File to load environment variables from
|
| services.httpd.virtualHosts.<name>.servedDirs | This option provides a simple way to serve static directories.
|
| services.jitsi-videobridge.extraProperties | Additional Java properties passed to jitsi-videobridge.
|
| programs.ccache.trace | Trace ccache usage to see which derivations use ccache
|
| hardware.xpad-noone.enable | Whether to enable the Xpad driver from the Linux kernel with support for Xbox One controllers removed.
|
| services.fediwall.settings.hideBoosts | Hide boosts
|
| services.httpd.virtualHosts.<name>.locations.<name>.alias | Alias directory for requests
|
| services.bookstack.nginx.default | Makes this vhost the default.
|
| security.pam.services | This option defines the PAM services
|
| services.beszel.agent.enable | Whether to enable beszel agent.
|
| services.fider.package | The fider package to use.
|
| powerManagement.powertop.postStart | Shell commands executed after powertop is started
|
| services.amule.settings.ExternalConnect.ECPassword | MD5 hash of the password, obtainaible with echo "<password>" | md5sum | cut -d ' ' -f 1
|
| services.athens.storage.minio.enableSSL | Enable SSL for the minio storage backend.
|
| services.buildbot-master.pythonPackages | Packages to add the to the PYTHONPATH of the buildbot process.
|
| services.caddy.user | User account under which caddy runs.
If left as the default value this user will automatically be created
on system activation, otherwise you are responsible for
ensuring the user exists before the Caddy service starts.
|
| services.dependency-track.oidc.loginButtonText | Defines the scopes to request for OpenID Connect
|
| services.exim.enable | Whether to enable the Exim mail transfer agent.
|
| services.firefly-iii-data-importer.group | Group under which firefly-iii-data-importer runs
|
| services.cloudflare-ddns.ip4Domains | Explicit list of domains to manage only for IPv4
|
| services.dolibarr.nginx.listenAddresses | Listen addresses for this virtual host
|
| services.i2pd.proto.http.strictHeaders | Enable strict host checking on WebUI.
|
| fileSystems.<name>.options | Options used to mount the file system
|
| services.dysnomia.extraContainerPaths | A list of paths containing additional container configurations that are added to the search folders
|
| services.firezone.gateway.tokenFile | A file containing the firezone gateway token
|
| services.bird-lg.frontend.netSpecificMode | Apply network-specific changes for some networks.
|
| services.bitwarden-directory-connector-cli.ldap | Options to configure the LDAP connection
|
| services.broadcast-box.openFirewall | Whether to enable opening WebRTC traffic ports in the firewall
|
| services.healthchecks.settings.DB_NAME | Database name.
|
| services.knot-resolver.settings.workers | The number of running kresd (Knot Resolver daemon) workers
|
| networking.ipips.<name>.encapsulation.type | Select the encapsulation type:
-
ipip to create an IPv4 within IPv4 tunnel (RFC 2003).
-
4in6 to create a 4in6 tunnel (RFC 2473);
-
ip6ip6 to create an IPv6 within IPv6 tunnel (RFC 2473);
For encapsulating IPv6 within IPv4 packets, see
the ad-hoc networking.sits option.
|
| services.glitchtip.stateDir | State directory of glitchtip.
|
| services.kasmweb.defaultRegistrationToken | default registration token to use.
|
| boot.initrd.network.ssh.enable | Start SSH service during initrd boot
|
| programs.corectrl.package | The corectrl package to use
|
| programs.kde-pim.kontact | Whether to enable Kontact.
|
| services.arbtt.enable | Whether to enable Arbtt statistics capture service.
|
| services.displayManager.autoLogin | Auto login configuration attrset.
|
| services.lavalink.openFirewall | Whether to expose the port to the network.
|
| services.dolibarr.h2o.serverName | Server name to be used for this virtual host
|
| services.gitea.group | Group under which gitea runs.
|
| programs.neovim.runtime | Set of files that have to be linked in runtime.
|
| programs.tmux.shortcut | Ctrl following by this key is used as the main shortcut.
|
| services.db-rest.enable | Whether to enable db-rest service.
|
| services.fcron.queuelen | Number of jobs the serial queue and the lavg queue can contain.
|
| services.jboss.serverDir | Location of the server instance files
|
| programs._1password-gui.package | The 1Password GUI package to use.
|
| programs.feedbackd.package | The feedbackd package to use.
|
| services.dolibarr.h2o.host | Set the host address for this virtual host
|
| services.fedimintd.<name>.nginx.fqdn | Public domain of the API address of the reverse proxy/tls terminator.
|
| services.inadyn.settings.custom.<name>.ddns-server | DDNS server name.
|
| services.iperf3.extraFlags | Extra flags to pass to iperf3(1).
|
| services.agate.certificatesDir | Root of the certificate directory.
|
| services.corteza.settings | Configuration for Corteza, will be passed as environment variables
|
| services.datadog-agent.diskCheck | Disk check config
|
| services.etebase-server.settings.allowed_hosts.allowed_host1 | The main host that is allowed access.
|
| services.geth.<name>.metrics.address | Listen address of Go Ethereum metrics service.
|
| services.dspam.maintenanceInterval | If set, maintenance script will be run at specified (in systemd.timer format) interval
|
| services.keycloak.settings.http-relative-path | The path relative to / for serving
resources.
In versions of Keycloak using Wildfly (<17),
this defaulted to /auth
|
| programs.neovim.enable | Whether to enable Neovim
|
| services.jupyterhub.jupyterlabEnv | Python environment to run jupyterlab
Customizing will affect the packages available in the
jupyterlab server and the default kernel provided
|
| services.bluesky-pds.settings.LOG_ENABLED | Enable logging
|
| networking.defaultGateway6.metric | The default gateway metric/preference.
|