Don't send the password immediately after login, but store for PAM session.

Path to the accounts file.

Hostname of the database to connect to

The port where the host can be reached

Optional slot number of the token that stores the certificate.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

The hostname the web service appears under.

Kissattach parameters for this interface.

The IP and port to forward all traffic to.

The IP and port to forward all traffic to.

Whitelists the given rrl-types.

Start the specified units when this unit is started.

Start the specified units when this unit is started.

The address that Anubis listens to

Location of the dokuwiki acl rules

Whether to update /var/log/wtmp.

These lines go to the end of the location verbatim.

Name of the theme to use for the lightdm-enso-os-greeter

The input type

The external location that the node should listen on

Hex-encoded CKA_ID or handle of the certificate on a token or TPM, respectively

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Number of simultaneous ‹name› tunnels.

Each attribute in this set specifies an option in the [Unit] section of the unit

Whether to enable HTTPS in addition to plain HTTP

Whether to enable HTTPS in addition to plain HTTP

Name of user to run the script under.

Paths to SSL files

Whether this node is a relay.

User that runs the cronjob.

Database name.

Attribute set describing resource limits

Arguments passed to the main process script

If enabled, the pam_umask module will be loaded.

Shell commands to execute when the event is triggered.

Regex specifying which log lines to ignore.

Attribute set of NetBird client daemons, by default each one will:

1. be manageable using dedicated tooling:

• netbird-<name> script,
• NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),

2. run as a netbird-<name>.service,
3. listen for incoming remote connections on the port 51820 (openFirewall by default),
4. manage the netbird-<name> wireguard interface,
5. use the /var/lib/netbird-/config.json configuration file,
6. override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
7. (hardened) be locally manageable by netbird-<name> system group,

With following caveats:

• multiple daemons will interfere with each other's DNS resolution of netbird.cloud, but should remain fully operational otherwise

ID of the user in initrd.

Run specified command or script after the tunnel device has been opened.

The number of shares required to reconstitute a file.

How frequently to change keys

How frequently to change keys

Path to the certificate file.

Name of the database user to initialise the database with

The user as which to run blockbook-frontend-‹name›.

If set, users listed in $XDG_CONFIG_HOME/Yubico/u2f_keys (or $HOME/.config/Yubico/u2f_keys if XDG variable is not set) are able to log in with the associated U2F key

Name of the network interface managed by this client.

Name of the network interface managed by this client.

If enabled, checks all masters for the last zone version

The type of the service

Subordinate user ids that user is allowed to use

Subordinate group ids that user is allowed to use

Number of simultaneous ‹name› tunnels.

Key of taint.

Log level of the NetBird daemon.

Log level of the NetBird daemon.

Whether the delay after typing a wrong password should be disabled.

If set, fingerprint reader will be used (if exists and your fingerprints are enrolled).

Permission level to restrict the actor(s) to

Path to the working directory (used for config and pidfile)

Name of the icon theme to use for the lightdm-gtk-greeter.

Name (relative to the root of the filesystem) of the subvolume where the hash table will be stored.

A state directory used by NetBird client to store config.json, state.json & resolv.conf.

A state directory used by NetBird client to store config.json, state.json & resolv.conf.

Enable or disable TTY auditing for specified users

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Full legal name

Name of the theme to use for the lightdm-slick-greeter.

Allow client if common name appears in the list.

Create an individual listening socket

Name of the platform

FastCGI parameters to override

Whether to enable frp.

Akkoma frontend reference.

The tinc_pre package to use.

Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.

E-mail address of the server administrator.

Whether to enable HTTPS and reject plain HTTP connections

Whether to enable HTTPS and reject plain HTTP connections

Remote UDP port

Path to host the API on and forward to the daemon's api port

Whether the PPP session is automatically started at boot time.

Controls how long to wait for a Neighbor Advertisement Message before invalidating the entry, in milliseconds.

Directory for the acme challenge which is PUBLIC, don't put certs or keys in here

Directory for the ACME challenge, which is public

The ax25-tools package to use.

Enable verbose output, default is to not be verbose.

Canonical hostname for the server.

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Controls presence of netbird-ui wrapper for this NetBird client.

Controls presence of netbird-ui wrapper for this NetBird client.

Hex-encoded CKA_ID or handle of the certificate on a token or TPM, respectively

Absolute path to the certificate to load

Whether the luksOpen will be attempted before LVM scan or after it.

Allow client if organizational unit name appears in the list.

Host to use for the destination dataset

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.