| services.keycloak.database.passwordFile | The path to a file containing the database password
|
| services.drupal.sites.<name>.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.nginx.virtualHosts.<name>.listenAddresses | Listen addresses for this virtual host
|
| services.prometheus.exporters.jitsi.url | Jitsi Videobridge metrics URL to monitor
|
| services.limesurvey.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.bookstack.nginx.listenAddresses | Listen addresses for this virtual host
|
| services.openssh.authorizedKeysCommandUser | Specifies the user under whose account the AuthorizedKeysCommand
is run
|
| services.mediawiki.httpd.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.prometheus.exporters.bitcoin.rpcHost | RPC host.
|
| services.wordpress.sites.<name>.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.your_spotify.nginxVirtualHost | If set creates an nginx virtual host for the client
|
| services.sslh.settings.protocols | List of protocols sslh will probe for and redirect
|
| services.globalprotect.csdWrapper | A script that will produce a Host Integrity Protection (HIP) report,
as described at https://www.infradead.org/openconnect/hip.html
|
| services.nextjs-ollama-llm-ui.enable | Whether to enable Simple Ollama web UI service; an easy to use web frontend for a Ollama backend service
|
| services.varnish.listen.*.address | If given an IP address, it can be a host name ("localhost"), an IPv4 dotted-quad
("127.0.0.1") or an IPv6 address enclosed in square brackets ("[::1]").
(VCL4.1 and higher) If given an absolute Path ("/path/to/listen.sock") or "@"
followed by the name of an abstract socket ("@myvarnishd") accept connections
on a Unix domain socket
|
| services.zabbixWeb.httpd.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| virtualisation.oci-containers.containers.<name>.ports | Network ports to publish from the container to the outer host
|
| services.discourse.database.createLocally | Whether a database should be automatically created on the
local host
|
| services.snips-sh.environmentFile | Additional environment file as defined in systemd.exec(5)
|
| services.fedimintd.<name>.nginx.config.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.journald.remote.settings.Remote.SplitMode | With "host", a separate output file is used, based on the
hostname of the other endpoint of a connection
|
| services.drupal.sites.<name>.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.jirafeau.nginxConfig.listenAddresses | Listen addresses for this virtual host
|
| services.wordpress.sites.<name>.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.wstunnel.clients.<name>.httpProxy | Proxy to use to connect to the wstunnel server (USER:PASS@HOST:PORT).
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the environmentFile option
to a file containing PROXY_PASSWORD=<your-password-here> and set
this option to <user>:$PROXY_PASSWORD@<host>:<port>
|
| services.limesurvey.httpd.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.limesurvey.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.firewalld.zones.<name>.sources.*.address | An IP address or a network IP address with a mask for IPv4 or IPv6
|
| virtualisation.nixStore9pCache | Type of 9p cache to use when mounting host nix store. "none" provides
no caching. "loose" enables Linux's local VFS cache. "fscache" uses Linux's
fscache subsystem
|
| services.zabbixWeb.nginx.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.fedimintd.<name>.nginx.config.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.invoiceplane.sites.<name>.database.port | Database host port.
|
| services.mediawiki.httpd.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| virtualisation.writableStore | If enabled, the Nix store in the VM is made writable by
layering an overlay filesystem on top of the host's Nix
store
|
| services.misskey.meilisearch.createLocally | Create and use a local Meilisearch instance
|
| services.yggdrasil.settings.PrivateKeyPath | Path to the private key file on the host system
|
| services.limesurvey.nginx.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.limesurvey.httpd.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.limesurvey.nginx.virtualHost.listen | Listen addresses and ports for this virtual host
|
| services.prometheus.exporters.unpoller.loki.url | URL of the Loki host.
|
| services.misskey.reverseProxy.webserver.nginx.serverName | Name of this virtual host
|
| services.hostapd.radios.<name>.networks.<name>.authentication.enableRecommendedPairwiseCiphers | Additionally enable the recommended set of pairwise ciphers
|
| services.limesurvey.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.wordpress.sites.<name>.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.mediawiki.httpd.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.murmur.environmentFile | Environment file as defined in systemd.exec(5)
|
| containers.<name>.ephemeral | Runs container in ephemeral mode with the empty root filesystem at boot
|
| services.dependency-track.database.createLocally | Whether a database should be automatically created on the
local host
|
| services.nullmailer.config.remotes | A list of remote servers to which to send each message
|
| services.headscale.settings.database.postgres.port | Database host port.
|
| services.misskey.reverseProxy.webserver.caddy.extraConfig | Additional lines of configuration appended to this virtual host in the
automatically generated Caddyfile.
|
| services.limesurvey.httpd.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.wordpress.sites.<name>.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| containers.<name>.privateUsers | Whether to give the container its own private UIDs/GIDs space (user namespacing)
|
| services.limesurvey.nginx.virtualHost.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.limesurvey.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.fedimintd.<name>.nginx.config.listenAddresses | Listen addresses for this virtual host
|
| services.healthchecks.settings.ALLOWED_HOSTS | The host/domain names that this site can serve.
|
| services.pinchflat.secretsFile | Secrets like SECRET_KEY_BASE and BASIC_AUTH_PASSWORD
should be passed to the service without adding them to the world-readable Nix store
|
| programs.schroot.profiles.<name>.nssdatabases | System databases (as described in /etc/nsswitch.conf on GNU/Linux systems) to copy into the chroot from the host.
|
| services.mediawiki.httpd.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.static-web-server.configuration | Configuration for Static Web Server
|
| services.limesurvey.nginx.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.limesurvey.httpd.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| programs.chromium.enablePlasmaBrowserIntegration | Whether to enable Native Messaging Host for Plasma Browser Integration.
|
| services.prometheus.exporters.dnssec.listenAddress | Listen address as host IP and port definition.
|
| services.misskey.reverseProxy.webserver.nginx.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.misskey.reverseProxy.webserver.caddy.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.wordpress.sites.<name>.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.misskey.reverseProxy.webserver.nginx.listen | Listen addresses and ports for this virtual host
|
| services.nextcloud-whiteboard-server.settings | Settings to configure backend server
|
| virtualisation.rosetta.enable | Whether to enable Rosetta support
|
| services.matrix-hookshot.serviceDependencies | List of Systemd services to require and wait for when starting the application service,
such as the Matrix homeserver if it's running on the same host.
|
| virtualisation.libvirtd.onBoot | Specifies the action to be done to / on the guests when the host boots
|
| services.headscale.settings.tls_letsencrypt_hostname | Domain name to request a TLS certificate for.
|
| services.limesurvey.httpd.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.misskey.reverseProxy.webserver.caddy.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| virtualisation.libvirtd.qemu.package | The qemu package to use. pkgs.qemu can emulate alien architectures (e.g. aarch64 on x86)
pkgs.qemu_kvm saves disk space allowing to emulate only host architectures.
|
| services.hedgedoc.environmentFile | Environment file as defined in systemd.exec(5)
|
| services.nextcloud-spreed-signaling.configureNginx | Whether to set up and configure an nginx virtual host according to upstream's recommendations
|
| services.misskey.reverseProxy.webserver.nginx.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.limesurvey.nginx.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.matrix-appservice-discord.settings | config.yaml configuration as a Nix attribute set
|
| services.cloudflared.tunnels.<name>.originRequest.httpHostHeader | Sets the HTTP Host header on requests sent to the local service.
|
| services.teeworlds.environmentFile | Environment file as defined in systemd.exec(5)
|
| virtualisation.credentials.<name>.source | Source file on the host containing the credential data.
|
| services.matrix-synapse.settings.listeners.*.resources.*.names | List of resources to host on this listener.
|
| services.dendrite.environmentFile | Environment file as defined in systemd.exec(5)
|
| services.misskey.reverseProxy.webserver.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| virtualisation.libvirtd.onShutdown | When shutting down / restarting the host what method should
be used to gracefully halt the guests
|
| services.livebook.environment | Environment variables to set
|
| services.peering-manager.environmentFile | Environment file as defined in systemd.exec(5)
|
| services.autosuspend.settings.suspend_cmd | The command to execute in case the host shall be suspended
|
| services.prometheus.exporters.klipper.moonrakerApiKey | API Key to authenticate with the Moonraker APIs
|
| services.heisenbridge.registrationUrl | The URL where the application service is listening for HS requests, from the Matrix HS perspective.#
The default value assumes the bridge runs on the same host as the home server, in the same network.
|
| services.biboumi.settings.xmpp_server_ip | The IP address to connect to the XMPP server on
|
| services.waagent.settings.Provisioning.Enable | Whether to enable provisioning functionality in the agent
|
| services.misskey.reverseProxy.webserver.nginx.listenAddresses | Listen addresses for this virtual host
|
| virtualisation.virtualbox.guest.seamless | Whether to enable seamless mode
|
| virtualisation.additionalPaths | A list of paths whose closure should be made available to
the VM
|