| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.matchers | Process matchers.
|
| services.nexus.user | User which runs Nexus3.
|
| services.mpd.startWhenNeeded | If set, mpd is socket-activated; that
is, instead of having it permanently running as a daemon,
systemd will start it on the first incoming connection.
|
| services.paretosecurity.package | The paretosecurity package to use.
|
| services.transmission.extraFlags | Extra flags passed to the transmission command in the service definition.
|
| services.tor.client.transparentProxy.enable | Whether to enable transparent proxy.
|
| services.pixelfed.database.type | Database engine to use
|
| services.prometheus.exporters.exportarr-readarr.apiKeyFile | File containing the api-key.
|
| services.movim.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.tor.settings.BandwidthBurst | See torrc manual.
|
| services.slskd.settings.web.url_base | The base path in the url for web requests.
|
| services.strongswan-swanctl.swanctl.secrets.xauth | EAP secret section for a specific secret
|
| services.openssh.generateHostKeys | Whether to generate SSH host keys
|
| services.teeworlds.server.maxClientsPerIP | The maximum amount of clients with the same IP address that can be connected to the server at the same time.
|
| services.podgrab.group | Group under which Podgrab runs, and which owns the download directory.
|
| services.system76-scheduler.settings.processScheduler.foregroundBoost.foreground.prio | CPU scheduler priority.
|
| services.prometheus.exporters.ecoflow.listenAddress | Address to listen on.
|
| services.strongswan-swanctl.swanctl.connections.<name>.dpd_delay | Interval to check the liveness of a peer actively using IKEv2
INFORMATIONAL exchanges or IKEv1 R_U_THERE messages
|
| services.nsd.zones.<name>.provideXFR | Allow these IPs and TSIG to transfer zones, addr TSIG|NOKEY|BLOCKED
address range 192.0.2.0/24, 1.2.3.4&255.255.0.0, 3.0.2.20-3.0.2.40
|
| services.tinc.networks.<name>.extraConfig | Extra lines to add to the tinc service configuration file
|
| services.nsd.remoteControl.serverKeyFile | Path to the server private key, which is used by the server
but not by nsd-control
|
| services.paretosecurity.enable | Whether to enable ParetoSecurity agent and its root helper.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.round | Optional numeric identifier by which authentication rounds are
sorted
|
| services.pulseaudio.extraConfig | Literal string to append to configFile
and the config file generated by the pulseaudio module.
|
| services.slskd.openFirewall | Whether to open the firewall for the soulseek network listen port (not the web interface port).
|
| services.sogo.vhostName | Name of the nginx vhost
|
| services.nginx.mapHashBucketSize | Sets the bucket size for the map variables hash tables
|
| services.nextcloud.settings.trusted_domains | Trusted domains, from which the nextcloud installation will be
accessible
|
| services.tika.openFirewall | Whether to open the firewall for Apache Tika
|
| services.pretalx.package | The pretalx package to use.
|
| services.netbird.server.signal.logLevel | Log level of the netbird signal service.
|
| services.tox-node.udpAddress | UDP address to run DHT node.
|
| services.subsonic.home | The directory where Subsonic will create files
|
| services.lubelogger.dataDir | Path to LubeLogger config and metadata inside of /var/lib/.
|
| services.strongswan-swanctl.swanctl.secrets.pkcs8.<name>.secret | Value of decryption passphrase for PKCS#8 key.
|
| services.prometheus.remoteRead.*.required_matchers | An optional list of equality matchers which have to be
present in a selector to query the remote read endpoint.
|
| services.ofono.enable | Whether to enable Ofono.
|
| services.mediawiki.phpPackage | The php package to use.
|
| services.picom.package | The picom package to use.
|
| services.public-inbox.settings | Settings for the public-inbox config file.
|
| services.monica.mail.encryption | SMTP encryption mechanism to use.
|
| services.prometheus.sachet.configuration | Sachet's configuration as a nix attribute set.
|
| services.opendkim.socket | Socket which is used for communication with OpenDKIM.
|
| services.ombi.group | Group under which Ombi runs.
|
| services.ncps.cache.redis.username | Redis username for authentication (for Redis ACL).
|
| services.prometheus.exporters.keylight.enable | Whether to enable the prometheus keylight exporter.
|
| services.nezha-agent.settings.disable_send_query | Disable sending TCP/ICMP/HTTP requests.
|
| services.openldap.package | The openldap package to use
|
| services.pulseaudio.tcp.openFirewall | Whether to enable Open firewall for the specified port.
|
| services.tox-node.motd | Message of the day
|
| services.mastodon.smtp.user | SMTP login name.
|
| services.ocis.environment | Extra config options
|
| services.scrutiny.settings.web.influxdb.host | IP or hostname of the InfluxDB instance.
|
| services.nginx.defaultListen.*.proxyProtocol | Enable PROXY protocol.
|
| services.prometheus.exporters.exportarr-lidarr.port | Port to listen on.
|
| services.networkd-dispatcher.rules | Declarative configuration of networkd-dispatcher rules
|
| services.tuned.settings | Configuration for TuneD
|
| services.movim.podConfig.chatonly | Disable all the social feature (Communities, Blog…) and keep only the chat ones
|
| services.mainsail.nginx.serverName | Name of this virtual host
|
| services.prosody.muc.*.roomDefaultChangeSubject | If set, the rooms will display the public JIDs by default.
|
| services.nifi.initPasswordFile | nitial password for Apache NiFi
|
| services.netbird.tunnels.<name>.dns-resolver.port | A port to serve DNS entries on when dns-resolver.address is enabled.
|
| services.prometheus.exporters.domain.extraFlags | Extra commandline options to pass to the domain exporter.
|
| services.salt.master.configuration | Salt master configuration as Nix attribute set.
|
| services.nezha-agent.settings.use_ipv6_country_code | Use ipv6 countrycode to report location.
|
| services.prometheus.exporters.v2ray.enable | Whether to enable the prometheus v2ray exporter.
|
| services.limesurvey.encryptionNonceFile | 24-byte used to encrypt variables in the database
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.basic_auth | Optional HTTP basic authentication information.
|
| services.mysql.galeraCluster.localName | The unique name that identifies this particular node within the cluster
|
| services.limesurvey.nginx.virtualHost.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.nifi.listenPort | Bind to a port for Apache NiFi web-ui.
|
| services.oxidized.user | User under which the oxidized service runs.
|
| services.mediagoblin.domain | Domain under which mediagoblin will be served.
|
| services.multipath.devices.*.marginal_path_err_recheck_gap_time | One of the four parameters of supporting path check based on accounting IO error such as intermittent error
|
| services.mail.sendmailSetuidWrapper.owner | The owner of the wrapper program.
|
| services.netbox.settings | Configuration options to set in configuration.py
|
| services.tailscale.package | The tailscale package to use.
|
| services.prometheus.remoteWrite.*.sigv4.profile | The named AWS profile used to authenticate.
|
| services.prometheus.exporters.tibber.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tibber.openFirewall is true.
|
| services.prometheus.exporters.nextcloud.openFirewall | Open port in firewall for incoming connections.
|
| services.ttyd.certFile | SSL certificate file path.
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.authorization.credentials | Sets the credentials
|
| services.undervolt.enable | Whether to enable Undervolting service for Intel CPUs
|
| services.rauc.bundleFormats | Allowable formats for the RAUC bundle.
|
| services.matrix-tuwunel.group | The group tuwunel is run as
|
| services.umami.settings.COLLECT_API_ENDPOINT | Allows you to send metrics to a location different than the default /api/send.
|
| services.podgrab.passwordFile | The path to a file containing the PASSWORD environment variable
definition for Podgrab's authentication.
|
| services.nsd.zones.<name>.rrlWhitelist | Whitelists the given rrl-types.
|
| services.prometheus.pushgateway.extraFlags | Extra commandline options when launching the Pushgateway.
|
| services.outline.discordAuthentication.serverId | Restrict logins to a specific server (optional, but recommended)
|
| services.send.port | Port the Send service listens on.
|
| services.mastodon.extraConfig | Extra environment variables to pass to all mastodon services.
|
| services.limesurvey.nginx.virtualHost.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.sunshine.applications | Configuration for applications to be exposed to Moonlight
|
| services.moosefs.metalogger.enable | Whether to enable MooseFS metalogger daemon that maintains a backup copy of the master's metadata.
|
| services.movim.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.skydns.package | The skydns package to use.
|
| services.moosefs.cgiserver.settings.GUISERV_LISTEN_PORT | Port for GUI server to listen on.
|
| services.monetdb.enable | Whether to enable the MonetDB database server.
|
| services.tarsnap.archives.<name>.cachedir | The cache allows tarsnap to identify previously stored data
blocks, reducing archival time and bandwidth usage
|