| systemd.user.services.<name>.script | Shell commands executed as the service's main process.
|
| services.i2pd.outTunnels.<name>.inbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.nginx.virtualHosts.<name>.http3 | Whether to enable the HTTP/3 protocol
|
| services.quicktun.<name>.privateKeyFile | Path to file containing local secret key in binary or hexadecimal form.
Not needed when services.quicktun..protocol is set to raw.
|
| services.redis.servers.<name>.port | The TCP port to accept connections
|
| systemd.user.slices.<name>.sliceConfig | Each attribute in this set specifies an option in the
[Slice] section of the unit
|
| users.ldap.base | The distinguished name of the search base.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| security.pam.services.<name>.oathAuth | If set, the OATH Toolkit will be used.
|
| systemd.paths.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.ndppd.proxies.<name>.interface | Listen for any Neighbor Solicitation messages on this interface,
and respond to them according to a set of rules
|
| systemd.user.sockets.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.user.targets.<name>.upholds | Keeps the specified running while this unit is running
|
| services.authelia.instances.<name>.group | The name of the group for this authelia instance.
|
| systemd.network.links.<name>.enable | Whether to enable this .link unit
|
| systemd.user.services.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| systemd.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.services.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| boot.initrd.luks.devices.<name>.yubikey | The options to use for this LUKS device in YubiKey-PBA
|
| services.geth.<name>.authrpc.enable | Whether to enable Go Ethereum Auth RPC API.
|
| systemd.user.services.<name>.reload | Shell commands executed when the service's main process
is reloaded.
|
| systemd.user.services.<name>.postStart | Shell commands executed after the service's main process
is started.
|
| services.quicktun.<name>.tunMode | Whether to operate in tun (IP) or tap (Ethernet) mode.
|
| security.acme.certs.<name>.server | ACME Directory Resource URI
|
| services.drupal.sites.<name>.package | The drupal package to use.
|
| services.cjdns.ETHInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.cjdns.UDPInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.openvpn.servers.<name>.authUserPass.username | The username to store inside the credentials file.
|
| services.homebridge.settings.platforms.*.name | Name of the platform
|
| services.autorandr.profiles.<name>.config.<name>.scale | Output scale configuration
|
| systemd.user.paths.<name>.startLimitBurst | Configure unit start rate limiting
|
| users.extraUsers.<name>.expires | Set the date on which the user's account will no longer be
accessible
|
| services.hostapd.radios.<name>.networks.<name>.macAcl | Station MAC address -based authentication
|
| systemd.services.<name>.aliases | Aliases of that unit.
|
| services.namecoind.rpc.user | User name for RPC connections.
|
| power.ups.ups.<name>.description | Description of the UPS.
|
| services.hostapd.radios.<name>.networks.<name>.macAllowFile | Specifies a file containing the MAC addresses to allow if macAcl is set to "allow" or "radius"
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.alias | Alias directory for requests
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.file | Absolute path to the certificate to load
|
| security.acme.certs.<name>.enableDebugLogs | Whether to enable debug logging for this certificate.
|
| services.openvpn.servers.<name>.up | Shell commands executed when the instance is starting.
|
| systemd.sockets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.targets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.user.services.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.user.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.user.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.user.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| boot.specialFileSystems.<name>.fsType | Type of the file system
|
| systemd.timers.<name>.timerConfig | Each attribute in this set specifies an option in the
[Timer] section of the unit
|
| services.rsync.jobs.<name>.inhibit | Run the rsync process with an inhibition lock taken;
see systemd-inhibit(1) for a list of possible operations.
|
| services.kimai.sites.<name>.poolConfig | Options for the Kimai PHP pool
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses | The external address where the host can be reached
|
| services.xserver.xkb.extraLayouts.<name>.typesFile | The path to the xkb types file
|
| services.blockbook-frontend.<name>.user | The user as which to run blockbook-frontend-‹name›.
|
| services.xserver.displayManager.lightdm.greeters.slick.font.name | Name of the font to use.
|
| containers.<name>.forwardPorts.*.containerPort | Target port of container
|
| boot.loader.systemd-boot.windows.<name>.title | The title of the boot menu entry.
|
| services.tahoe.nodes.<name>.helper.enable | Whether to enable helper service.
|
| services.nghttpx.backends.*.params.dns | Name resolution of a backends host name is done at start up,
or configuration reload
|
| services.fedimintd.<name>.ui.bind | Address to bind on for UI connections
|
| services.jupyter.kernels.<name>.env | Environment variables to set for the kernel.
|
| services.nginx.virtualHosts.<name>.root | The path of the web root directory.
|
| services.rspamd.workers.<name>.count | Number of worker instances to run
|
| services.redis.servers.<name>.syslog | Enable logging to the system logger.
|
| services.redis.servers.<name>.enable | Whether to enable Redis server.
|
| services.nebula.networks.<name>.ca | Path to the certificate authority certificate.
|
| services.xserver.displayManager.lightdm.greeters.gtk.theme.name | Name of the theme to use for the lightdm-gtk-greeter.
|
| fileSystems.<name>.encrypted.blkDev | Location of the backing encrypted device.
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses.*.port | The port where the host can be reached
|
| boot.initrd.luks.devices.<name>.gpgCard.gracePeriod | Time in seconds to wait for the GPG Smartcard.
|
| services.headscale.settings.database.postgres.name | Database name.
|
| services.borgbackup.jobs.<name>.dateFormat | Arguments passed to date
to create a timestamp suffix for the archive name.
|
| services.nsd.keys.<name>.algorithm | Authentication algorithm for this key.
|
| services.tarsnap.archives.<name>.printStats | Print global archive statistics upon completion
|
| services.redis.servers.<name>.slowLogMaxLen | Maximum number of items to keep in slow log.
|
| services.netbird.tunnels.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| services.netbird.clients.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| systemd.user.timers.<name>.timerConfig | Each attribute in this set specifies an option in the
[Timer] section of the unit
|
| services.phpfpm.pools.<name>.socket | Path to the unix socket file on which to accept FastCGI requests.
This option is read-only and managed by NixOS.
|
| systemd.user.targets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.user.sockets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.bitcoind.<name>.dbCache | Override the default database cache size in MiB.
|
| services.acpid.handlers.<name>.event | Event type.
|
| systemd.user.services.<name>.aliases | Aliases of that unit.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.keySize | Key size in bits
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.keySize | Key size in bits
|
| services.fedimintd.<name>.nginx.config.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| environment.etc.<name>.uid | UID of created file
|
| environment.etc.<name>.gid | GID of created file
|
| services.fedimintd.<name>.ui.port | TCP Port to bind on for UI connections
|
| services.drupal.sites.<name>.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.type | The account type
|