| services.fedimintd.<name>.dataDir | Path to the data dir fedimintd will use to store its data
|
| services.nginx.proxyCachePath.<name>.levels | The levels parameter defines structure of subdirectories in cache: from
1 to 3, each level accepts values 1 or 2
|
| services.httpd.virtualHosts.<name>.listen.*.port | Port to listen on
|
| services.borgbackup.jobs.<name>.repo | Remote or local repository to back up to.
|
| services.iodine.clients.<name>.extraConfig | Additional command line parameters
|
| services.nginx.virtualHosts.<name>.listen.*.addr | Listen address.
|
| security.pam.services.<name>.sshAgentAuth | If set, the calling user's SSH agent is used to authenticate
against the keys in the calling user's
~/.ssh/authorized_keys
|
| services.geth.<name>.websocket.enable | Whether to enable Go Ethereum WebSocket API.
|
| services.udp-over-tcp.tcp2udp.<name>.recvTimeout | An application timeout on receiving data from the TCP socket.
|
| services.nebula.networks.<name>.relays | List of IPs of relays that this node should allow traffic from.
|
| services.udp-over-tcp.udp2tcp.<name>.recvTimeout | An application timeout on receiving data from the TCP socket.
|
| services.awstats.configs.<name>.logFile | The log file to be scanned
|
| services.nsd.zones.<name>.children | Children zones inherit all options of their parents
|
| services.snapper.configs.<name>.FSTYPE | Filesystem type
|
| services.wstunnel.clients.<name>.tlsSNI | Use this as the SNI while connecting via TLS
|
| services.ax25.axports.<name>.callsign | The callsign of the physical interface to bind to.
|
| services.uhub.<name>.plugins.*.settings | Settings specific to this plugin.
|
| services.nginx.virtualHosts.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.nginx.config.http3 | Whether to enable the HTTP/3 protocol
|
| services.neo4j.ssl.policies.<name>.trustAll | Makes this policy trust all remote parties
|
| services.metricbeat.modules.<name>.module | The name of the module
|
| services.h2o.hosts.<name>.tls.redirectCode | HTTP status used by globalRedirect & forceSSL
|
| services.hans.clients.<name>.passwordFile | File that contains password
|
| services.nginx.virtualHosts.<name>.default | Makes this vhost the default.
|
| services.nylon.<name>.allowedIPRanges | Allowed client IP ranges are evaluated first, defaults to ARIN IPv4 private ranges:
[ "192.168.0.0/16" "127.0.0.0/8" "172.16.0.0/12" "10.0.0.0/8" ]
|
| systemd.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.quicktun.<name>.protocol | Which protocol to use.
|
| services.httpd.virtualHosts.<name>.sslServerKey | Path to server SSL certificate key.
|
| services.github-runners.<name>.package | The github-runner package to use.
|
| services.wstunnel.servers.<name>.tlsKey | TLS key to use instead of the hardcoded on in case of HTTPS connections
|
| services.fedimintd.<name>.api_ws.url | Public URL of the API address of the reverse proxy/tls terminator
|
| systemd.user.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.tinc.networks.<name>.debugLevel | The amount of debugging information to add to the log. 0 means little
logging while 5 is the most logging. man tincd for
more details.
|
| services.blockbook-frontend.<name>.certFile | To enable SSL, specify path to the name of certificate files without extension
|
| services.snipe-it.nginx.locations.<name>.root | Root directory for requests.
|
| services.nebula.networks.<name>.listen.host | IP address to listen on.
|
| services.nebula.networks.<name>.listen.port | Port number to listen on.
|
| services.znc.confOptions.networks.<name>.port | IRC server port.
|
| services.tahoe.nodes.<name>.sftpd.hostPrivateKeyFile | Path to the SSH host private key.
|
| services.cjdns.ETHInterface.connectTo.<name>.hostname | Optional hostname to add to /etc/hosts; prevents reverse lookup failures.
|
| services.cjdns.UDPInterface.connectTo.<name>.hostname | Optional hostname to add to /etc/hosts; prevents reverse lookup failures.
|
| services.nginx.proxyCachePath.<name>.useTempPath | Nginx first writes files that are destined for the cache to a temporary
storage area, and the use_temp_path=off directive instructs Nginx to
write them to the same directories where they will be cached
|
| services.xserver.displayManager.lightdm.greeters.enso.theme.name | Name of the theme to use for the lightdm-enso-os-greeter
|
| services.mpd.settings | Configuration for MPD
|
| services.firewalld.zones.<name>.ports.*.port | |
| services.quicktun.<name>.remoteFloat | Whether to allow the remote address and port to change when properly encrypted packets are received.
|
| services.gitlab-runner.services.<name>.tagList | Tag list
|
| users.users.<name>.subUidRanges | Subordinate user ids that user is allowed to use
|
| users.users.<name>.subGidRanges | Subordinate group ids that user is allowed to use
|
| services.errbot.instances.<name>.dataDir | Data directory for errbot instance.
|
| services.httpd.virtualHosts.<name>.http2 | Whether to enable HTTP 2
|
| services.spiped.config.<name>.waitForDNS | Wait for DNS
|
| services.kanata.keyboards.<name>.port | Port to run the TCP server on. null will not run the server.
|
| services.sympa.settingsFile.<name>.enable | Whether this file should be generated
|
| systemd.paths.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| security.pam.services.<name>.ttyAudit.openOnly | Set the TTY audit flag when opening the session,
but do not restore it when closing the session
|
| services.postfix.masterConfig.<name>.args | Arguments to pass to the command
|
| services.syncoid.commands.<name>.sshKey | SSH private key file to use to login to the remote system
|
| services.kimai.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| security.pam.services.<name>.howdy.control | This option sets the PAM "control" used for this module.
|
| services.dokuwiki.sites.<name>.phpPackage | The php package to use.
|
| services.redis.servers.<name>.requirePassFile | File with password for the database.
|
| services.sanoid.templates.<name>.daily | Number of daily snapshots.
|
| services.vault-agent.instances.<name>.user | User under which this instance runs.
|
| services.jupyter.kernels.<name>.extraPaths | Extra paths to link in kernel directory
|
| services.ytdl-sub.instances.<name>.enable | Whether to enable ytdl-sub instance.
|
| services.httpd.virtualHosts.<name>.servedDirs | This option provides a simple way to serve static directories.
|
| services.hostapd.radios.<name>.wifi6.enable | Enables support for IEEE 802.11ax (WiFi 6, HE)
|
| services.redis.servers.<name>.settings | Redis configuration
|
| services.nginx.virtualHosts.<name>.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| systemd.user.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.fedimintd.<name>.api_ws.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| services.firezone.server.provision.accounts.<name>.groups.<name>.members | The members of this group
|
| services.httpd.virtualHosts.<name>.logFormat | Log format for Apache's log files
|
| services.caddy.virtualHosts.<name>.logFormat | Configuration for HTTP request logging (also known as access logs)
|
| systemd.user.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| services.drupal.sites.<name>.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.github-runners.<name>.url | Repository to add the runner to
|
| services.agate.hostnames | Domain name of this Gemini server, enables checking hostname and port
in requests. (multiple occurrences means basic vhosts)
|
| virtualisation.interfaces.<name>.name | Interface name
|
| services.xserver.displayManager.lightdm.greeters.gtk.iconTheme.name | Name of the icon theme to use for the lightdm-gtk-greeter.
|
| services.fedimintd.<name>.nginx.enable | Whether to configure nginx for fedimintd
|
| services.httpd.virtualHosts.<name>.sslServerCert | Path to server SSL certificate.
|
| services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|
| services.restic.backups.<name>.pruneOpts | A list of options (--keep-* et al.) for 'restic forget
--prune', to automatically prune old snapshots
|
| services.ytdl-sub.instances.<name>.config | Configuration for ytdl-sub
|
| services.hostapd.radios.<name>.wifi5.enable | Enables support for IEEE 802.11ac (WiFi 5, VHT)
|
| services.tarsnap.archives.<name>.maxbw | Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
|
| services.vdirsyncer.jobs.<name>.user | User account to run vdirsyncer as, otherwise as a systemd
dynamic user
|
| services.fedimintd.<name>.package | The fedimint package to use.
|
| services.fedimintd.<name>.api_ws.port | TCP Port to bind on for API connections relayed by the reverse proxy/tls terminator.
|
| security.acme.certs.<name>.csr | Path to a certificate signing request to apply when fetching the certificate.
|
| services.xserver.displayManager.lightdm.greeters.slick.theme.name | Name of the theme to use for the lightdm-slick-greeter.
|
| services.znc.confOptions.networks.<name>.useSSL | Whether to use SSL to connect to the IRC server.
|
| services.graylog.rootUsername | Name of the default administrator user
|
| systemd.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.fedimintd.<name>.nginx.config.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.rke2.manifests.<name>.source | Path of the source .yaml file.
|