| services.kimai.sites.<name>.database.user | Database user.
|
| services.prosody.virtualHosts.<name>.ssl | Paths to SSL files
|
| services.nebula.networks.<name>.isRelay | Whether this node is a relay.
|
| services.logcheck.ignoreCron.<name>.user | User that runs the cronjob.
|
| services.redis.servers.<name>.user | User account under which this instance of redis-server runs.
If left as the default value this user will automatically be
created on system activation, otherwise you are responsible for
ensuring the user exists before the redis service starts.
|
| systemd.user.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.bacula-fd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| services.bacula-sd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| security.pam.services.<name>.updateWtmp | Whether to update /var/log/wtmp.
|
| services.bird-lg.frontend.nameFilter | Protocol names to hide in summary tables (RE2 syntax),
|
| services.nylon.<name>.bindInterface | Tell nylon which interface to use as an uplink, default is "enp3s0f0".
|
| fileSystems.<name>.label | Label of the device
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceDirGroupReadable | See torrc manual.
|
| services.metricbeat.modules.<name>.module | The name of the module
|
| security.acme.certs.<name>.csr | Path to a certificate signing request to apply when fetching the certificate.
|
| users.extraUsers.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| containers.<name>.extraVeths.<name>.localAddress6 | The IPv6 address assigned to the interface in the container
|
| services.hostapd.radios.<name>.band | Specifies the frequency band to use, possible values are 2g for 2.4 GHz,
5g for 5 GHz, 6g for 6 GHz and 60g for 60 GHz.
|
| systemd.user.services.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.rke2.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| services.postfix.masterConfig.<name>.type | The type of the service
|
| services.nginx.virtualHosts.<name>.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.xserver.xkb.extraLayouts.<name>.compatFile | The path to the xkb compat file
|
| security.pam.services.<name>.enableUMask | If enabled, the pam_umask module will be loaded.
|
| services.acpid.handlers.<name>.action | Shell commands to execute when the event is triggered.
|
| services.logcheck.ignore.<name>.regex | Regex specifying which log lines to ignore.
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.matrix-conduit.settings.global.server_name | The server_name is the name of this server
|
| services.matrix-tuwunel.settings.global.server_name | The server_name is the name of this server
|
| services.buildkite-agents.<name>.tags | Tags for the agent.
|
| services.quicktun.<name>.protocol | Which protocol to use.
|
| services.drupal.sites.<name>.extraConfig | Extra configuration values that you want to insert into settings.php
|
| services.phpfpm.pools.<name>.phpOptions | "Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."
|
| services.quicktun.<name>.timeWindow | Allowed time window for first received packet in seconds (positive number allows packets from history)
|
| services.nginx.virtualHosts.<name>.quic | Whether to enable the QUIC transport protocol
|
| services.angrr.settings.temporary-root-policies.<name>.ignore-prefixes | List of path prefixes to ignore
|
| services.nghttpx.backends.*.params.dns | Name resolution of a backends host name is done at start up,
or configuration reload
|
| services.ax25.axports.<name>.callsign | The callsign of the physical interface to bind to.
|
| services.kimai.sites.<name>.database.host | Database host address.
|
| services.kimai.sites.<name>.database.port | Database host port.
|
| services.netbird.tunnels.<name>.logLevel | Log level of the NetBird daemon.
|
| services.netbird.clients.<name>.logLevel | Log level of the NetBird daemon.
|
| users.extraUsers.<name>.shell | The path to the user's shell
|
| systemd.sockets.<name>.wants | Start the specified units when this unit is started.
|
| systemd.targets.<name>.wants | Start the specified units when this unit is started.
|
| services.nsd.zones.<name>.maxRefreshSecs | Limit refresh time for secondary zones
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.email | The email address used to authenticate as this account
|
| services.filebeat.inputs.<name>.type | The input type
|
| services.tahoe.nodes.<name>.client.helper | The furl for a Tahoe helper node
|
| systemd.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.rke2.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| image.repart.partitions.<name>.contents.<name>.source | Path of the source file.
|
| services.frp.instances.<name>.enable | Whether to enable frp.
|
| services.akkoma.frontends.<name>.ref | Akkoma frontend reference.
|
| services.redis.servers.<name>.unixSocketPerm | Change permissions for the socket
|
| services.tinc.networks.<name>.package | The tinc_pre package to use.
|
| services.github-runners.<name>.package | The github-runner package to use.
|
| systemd.user.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| security.pam.services.<name>.nodelay | Whether the delay after typing a wrong password should be disabled.
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.adapter | The auth adapter type
|
| services.znapzend.zetup.<name>.plan | The znapzend backup plan to use for the source
|
| services.github-runners.<name>.user | User under which to run the service
|
| users.extraUsers.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.phpfpm.pools.<name>.extraConfig | Extra lines that go into the pool configuration
|
| services.minidlna.settings.friendly_name | Name that the server presents to clients.
|
| services.sslh.settings.protocols | List of protocols sslh will probe for and redirect
|
| services.httpd.virtualHosts.<name>.adminAddr | E-mail address of the server administrator.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.keySize | Key size in bits
|
| services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.keySize | Key size in bits
|
| services.honk.servername | The server name.
|
| systemd.services.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| security.pam.services.<name>.fprintAuth | If set, fingerprint reader will be used (if exists and
your fingerprints are enrolled).
|
| services.pretix.settings.pretix.instance_name | The name of this installation.
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| fileSystems.<name>.encrypted.label | Label of the unlocked encrypted device
|
| services.dokuwiki.sites.<name>.aclFile | Location of the dokuwiki acl rules
|
| systemd.sockets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.targets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.user | The user of the file
|
| services.h2o.hosts.<name>.acme.useHost | An existing Let’s Encrypt certificate to use for this virtual
host
|
| security.pam.services.<name>.limits.*.value | Value of this limit
|
| services.k3s.manifests.<name>.source | Path of the source .yaml file.
|
| services.k3s.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.fedimintd.<name>.nginx.path | Path to host the API on and forward to the daemon's api port
|
| services.pppd.peers.<name>.autostart | Whether the PPP session is automatically started at boot time.
|
| services.nginx.virtualHosts.<name>.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.redis.servers.<name>.save | The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes
|
| services.dokuwiki.sites.<name>.acl.*.level | Permission level to restrict the actor(s) to
|
| services.bepasty.servers.<name>.workDir | Path to the working directory (used for config and pidfile)
|
| services.spiped.config.<name>.encrypt | Take unencrypted connections from the
source socket and send encrypted
connections to the target socket.
|
| services.spiped.config.<name>.decrypt | Take encrypted connections from the
source socket and send unencrypted
connections to the target socket.
|
| services.keycloak.settings.hostname | The hostname part of the public URL used as base for
all frontend requests
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|
| services.firewalld.zones.<name>.rules | Rich rules for the zone.
|
| services.restic.backups.<name>.package | The restic package to use.
|
| fileSystems.<name>.mountPoint | Location where the file system will be mounted
|