| services.music-assistant.extraOptions | List of extra options to pass to the music-assistant executable.
|
| services.xtreemfs.mrc.enable | Whether to enable XtreemFS MRC service.
|
| systemd.network.enable | Whether to enable networkd or not.
|
| virtualisation.podman.extraPackages | Extra dependencies for podman to be placed on $PATH in the wrapper.
|
| virtualisation.allInterfaces.<name>.name | Interface name
|
| services.postsrsd.settings.secrets-file | Path to the file containing the secret keys.
Secrets are passed using LoadCredential= on the systemd unit,
so this options is read-only
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| systemd.user.units.<name>.text | Text of this systemd unit.
|
| services.wastebin.settings | Additional configuration for wastebin, see
https://github.com/matze/wastebin#usage for supported values
|
| services.windmill.database.createLocally | Whether to create a local database automatically.
|
| services.vaultwarden.config | The configuration of vaultwarden is done through environment variables,
therefore it is recommended to use upper snake case (e.g. DISABLE_2FA_REMEMBER)
|
| services.matrix-synapse.settings.listeners.*.resources.*.names | List of resources to host on this listener.
|
| users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| environment.checkConfigurationOptions | Alias of _module.check.
|
| services.zenohd.settings | Config options for zenoh.json5 configuration file
|
| services.wakapi.database.createLocally | Whether to enable automatic database configuration.
Only PostgreSQL is supported for the time being.
.
|
| containers | A set of NixOS system configurations to be run as lightweight
containers
|
| nixpkgs.crossSystem | Systems with a recently generated hardware-configuration.nix
may instead specify only nixpkgs.buildPlatform,
or fall back to removing the nixpkgs.hostPlatform line from the generated config
|
| services.k3s.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| services.xserver.displayManager.lightdm.greeters.gtk.extraConfig | Extra configuration that should be put in the lightdm-gtk-greeter.conf
configuration file.
|
| services.xserver.displayManager.lightdm.greeters.slick.draw-user-backgrounds | Whether to enable draw user backgrounds.
|
| systemd.user.sockets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.xserver.xkb.extraLayouts.<name>.symbolsFile | The path to the xkb symbols file
|
| services.lasuite-meet.postgresql.createLocally | Whether to enable Configure local PostgreSQL database server for meet.
|
| systemd.timers.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.frr.eigrpd.enable | Whether to enable FRR eigrpd.
|
| services.matrix-synapse.settings.trusted_key_servers.*.server_name | Hostname of the trusted server.
|
| services.xl2tpd.extraPppdOptions | Adds extra lines to the pppd options file.
|
| services.kubernetes.controllerManager.securePort | Kubernetes controller manager secure listening port.
|
| services.jirafeau.nginxConfig.listen.*.addr | Listen address.
|
| services.xserver.windowManager.oxwm.enable | Whether to enable oxwm.
|
| services.ympd.mpd.host | The host where MPD is listening.
|
| services.xtreemfs.osd.httpPort | Specifies the listen port for the HTTP service that returns the
status page.
|
| services.archisteamfarm.package | The archisteamfarm package to use. ::: {.warning}
Should always be the latest version, for security reasons,
since this module uses very new features and to not get out of sync with the Steam API.
:::
|
| services.github-runners.<name>.runnerGroup | Name of the runner group to add this runner to (defaults to the default runner group)
|
| virtualisation.xen.enable | Whether to enable the Xen Project Hypervisor, a virtualisation technology defined as a type-1 hypervisor, which allows multiple virtual machines, known as domains, to run concurrently on the physical machine
|
| services.xserver.displayManager.lightdm.greeters.enso.iconTheme.package | The papirus-icon-theme package to use.
|
| virtualisation.vmware.guest.headless | Whether to disable X11-related features.
|
| services.wgautomesh.settings.peers.*.pubkey | Wireguard public key of this peer.
|
| systemd.user.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| services.matrix-synapse.settings.listeners.*.x_forwarded | Use the X-Forwarded-For (XFF) header as the client IP and not the
actual client IP.
|
| services.zookeeper.preferIPv4 | Add the -Djava.net.preferIPv4Stack=true flag to the Zookeeper server.
|
| systemd.targets.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| services.frr.ospfd.options | Options for the FRR ospfd daemon.
|
| services.writefreely.database.passwordFile | The file to load the database password from.
|
| systemd.slices.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.jirafeau.nginxConfig.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| services.zipline.settings.CORE_HOSTNAME | The hostname to listen on.
|
| services.frr.sharpd.options | Options for the FRR sharpd daemon.
|
| services.lasuite-docs.redis.createLocally | Configure local Redis cache server for docs.
|
| services.jirafeau.nginxConfig.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.zabbixServer.database.type | Database engine to use.
|
| services.kubernetes.apiserver.serviceAccountKeyFile | File containing PEM-encoded x509 RSA or ECDSA private or public keys,
used to verify ServiceAccount tokens
|
| system.nssDatabases.services | List of services entries to configure in /etc/nsswitch.conf
|
| services.znapzend.features.lowmemRecurse | Whether to enable use lowmemRecurse on systems where you have too many datasets, so a
recursive listing of attributes to find backup plans exhausts the
memory available to znapzend: instead, go the slower
way to first list all impacted dataset names, and then query their
configs one by one
.
|
| services.lasuite-meet.domain | Domain name of the meet instance.
|
| services.jirafeau.nginxConfig.locations.<name>.alias | Alias directory for requests.
|
| system.tools.nixos-generate-config.enable | Whether to enable nixos-generate-config script.
|
| users.ldap.bind.policy | Specifies the policy to use for reconnecting to an unavailable
LDAP server
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.package | Package to use for ghostunnel
|
| services.wordpress.sites.<name>.database.user | Database user.
|
| services.weblate.smtp.enable | Whether to enable Weblate SMTP support.
|
| services.vwifi.server.enable | Whether to enable vwifi server.
|
| services.zeronet.torAlways | Use TOR for all zeronet traffic.
|
| services.xserver.displayManager.lightdm.enable | Whether to enable lightdm as the display manager.
|
| services.lasuite-docs.secretKeyPath | Path to the Django secret key
|
| services.kubernetes.proxy.kubeconfig.server | Kubernetes proxy kube-apiserver server address.
|
| services.stash.plugins | The plugins Stash should be started with.
|
| services.dnscrypt-proxy.package | The dnscrypt-proxy package to use.
|
| services.xinetd.enable | Whether to enable the xinetd super-server daemon.
|
| services.matrix-appservice-irc.settings.ircService.passwordEncryptionKeyPath | Location of the key with which IRC passwords are encrypted
for storage
|
| systemd.globalEnvironment | Environment variables passed to all systemd units.
|
| services.xserver.windowManager.fvwm2.enable | Whether to enable Fvwm2 window manager.
|
| systemd.user.slices.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| services.urxvtd.enable | Enable urxvtd, the urxvt terminal daemon
|
| virtualisation.oci-containers.containers.<name>.podman | Podman-specific settings in OCI containers
|
| services.warpgate.settings.ssh.keepalive_interval | If nothing is received from the client for this amount of time, server will send a keepalive message.
|
| services.jirafeau.nginxConfig.http2 | Whether to enable the HTTP/2 protocol
|
| services.xserver.displayManager.startx.extraCommands | Shell commands to be added to the system-wide xinitrc script.
|
| services.xinetd.services.*.flags | |
| virtualisation.oci-containers.containers.<name>.user | Override the username or UID (and optionally groupname or GID) used
in the container.
|
| systemd.paths.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.powerdns-admin.enable | Whether to enable the PowerDNS web interface.
|
| services.rke2.cni | CNI plugins to deploy, one of none, calico, canal, cilium or flannel
|
| services.xserver.displayManager.lightdm.greeters.tiny.label.pass | The string to represent the pass_text label.
|
| systemd.user.services | Definition of systemd per-user service units.
|
| services.zabbixWeb.httpd.virtualHost.robotsEntries | Specification of pages to be ignored by web crawlers
|
| services.zfs.autoScrub.randomizedDelaySec | Add a randomized delay before each ZFS autoscrub
|
| users.users.<name>.subUidRanges.*.startUid | Start of the range of subordinate user ids that user is
allowed to use.
|
| services.xserver.windowManager.hypr.enable | Whether to enable hypr.
|
| services.xserver.xkb.extraLayouts.<name>.description | A short description of the layout.
|
| services.xtreemfs.dir.extraConfig | Configuration of XtreemFS DIR service
|
| services.jirafeau.nginxConfig.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.archisteamfarm.web-ui | The Web-UI hosted on 127.0.0.1:1242.
|
| systemd.user.generators | Definition of systemd generators; see systemd.generator(5)
|
| systemd.services.<name>.environment | Environment variables passed to the service's processes.
|
| services.vault.tlsKeyFile | TLS private key file
|
| virtualisation.containers.registries.insecure | List of insecure repositories.
|
| services.dnscrypt-proxy.upstreamDefaults | Whether to base the config declared in services.dnscrypt-proxy.settings on the upstream example config (https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml)
Disable this if you want to declare your dnscrypt config from scratch.
|
| services.zeronsd.servedNetworks.<name>.settings.log_level | Log Level.
|