| services.asusd.auraConfigs.<name>.source | Path of the source file.
|
| services.caddy.virtualHosts.<name>.hostName | Canonical hostname for the server.
|
| services.redis.servers.<name>.unixSocket | The path to the socket to bind to.
|
| services.rss2email.feeds.<name>.url | The URL at which to fetch the feed.
|
| services.httpd.virtualHosts.<name>.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.h2o.hosts.<name>.acme.useHost | An existing Let’s Encrypt certificate to use for this virtual
host
|
| services.quicktun.<name>.remotePort | Remote UDP port
|
| systemd.user.slices.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| systemd.user.timers.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| users.users.<name>.autoSubUidGidRange | Automatically allocate subordinate user and group ids for this user
|
| services.fedimintd.<name>.api.url | Public URL of the API address of the reverse proxy/tls terminator
|
| services.drupal.sites.<name>.poolConfig | Options for the Drupal PHP pool
|
| services.ghostunnel.servers.<name>.allowCN | Allow client if common name appears in the list.
|
| security.pam.services.<name>.p11Auth | If set, keys listed in
~/.ssh/authorized_keys and
~/.eid/authorized_certificates
can be used to log in with the associated PKCS#11 tokens.
|
| services.ndppd.proxies.<name>.rules | This is a rule that the target address is to match against
|
| services.beesd.filesystems.<name>.workDir | Name (relative to the root of the filesystem) of the subvolume where
the hash table will be stored.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.keySize | Key size in bits
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.keySize | Key size in bits
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.group | The group of the file
|
| services.openafsClient.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.nginx.proxyCachePath.<name>.keysZoneSize | Set size to shared memory zone.
|
| services.openafsServer.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.hostapd.radios.<name>.noScan | Disables scan for overlapping BSSs in HT40+/- mode
|
| services.yandex-disk.username | Your yandex.com login name.
|
| users.extraUsers.<name>.extraGroups | The user's auxiliary groups.
|
| services.ax25.axports.<name>.package | The ax25-tools package to use.
|
| services.nylon.<name>.verbosity | Enable verbose output, default is to not be verbose.
|
| users.extraUsers.<name>.enable | If set to false, the user account will not be created
|
| services.cjdns.UDPInterface.connectTo.<name>.peerName | (optional) human-readable name for peer
|
| services.cjdns.ETHInterface.connectTo.<name>.peerName | (optional) human-readable name for peer
|
| hardware.alsa.controls.<name>.device | Name of the PCM device to control (slave).
|
| services.public-inbox.inboxes.<name>.newsgroup | NNTP group name for the inbox.
|
| hardware.sane.brscan5.netDevices.<name>.nodename | The node name of the device
|
| hardware.sane.brscan4.netDevices.<name>.nodename | The node name of the device
|
| services.h2o.hosts.<name>.settings | Attrset to be transformed into YAML for host config
|
| services.kimai.sites.<name>.settings | Structural Kimai's local.yaml configuration
|
| services.geth.<name>.authrpc.address | Listen address of Go Ethereum Auth RPC API.
|
| services.phpfpm.pools.<name>.phpPackage | The PHP package to use for running this PHP-FPM pool.
|
| services.restic.backups.<name>.runCheck | Whether to run the check command with the provided checkOpts options.
|
| services.hans.clients.<name>.extraConfig | Additional command line parameters
|
| services.iodine.clients.<name>.server | Hostname of server running iodined
|
| services.dokuwiki.sites.<name>.stateDir | Location of the DokuWiki state directory.
|
| services.rspamd.workers.<name>.enable | Whether to run the rspamd worker.
|
| services.restic.backups.<name>.checkOpts | A list of options for 'restic check'.
|
| services.ghostunnel.servers.<name>.allowOU | Allow client if organizational unit name appears in the list.
|
| containers.<name>.bindMounts.<name>.mountPoint | Mount point on the container file system.
|
| services.bird-lg.frontend.nameFilter | Protocol names to hide in summary tables (RE2 syntax),
|
| services.rsync.jobs.<name>.settings | Settings that should be passed to rsync via long options
|
| services.kimai.sites.<name>.database.user | Database user.
|
| services.dovecot2.imapsieve.mailbox.*.name | This setting configures the name of a mailbox for which administrator scripts are configured
|
| services.fedimintd.<name>.api.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| services.fedimintd.<name>.api.port | Port to bind on for API connections relied by the reverse proxy/tls terminator.
|
| services.geth.<name>.websocket.port | Port number of Go Ethereum WebSocket API.
|
| services.anubis.instances.<name>.settings.BIND | The address that Anubis listens to
|
| users.extraUsers.<name>.shell | The path to the user's shell
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.type | The account type
|
| services.kanidm.provision.systems.oauth2.<name>.claimMaps.<name>.valuesByGroup | Maps kanidm groups to values for the claim.
|
| services.bitcoind.<name>.package | The bitcoind package to use.
|
| boot.loader.systemd-boot.extraFiles | A set of files to be copied to $BOOT
|
| services.h2o.hosts.<name>.serverAliases | Additional names of virtual hosts served by this virtual host
configuration.
|
| services.tahoe.nodes.<name>.client.helper | The furl for a Tahoe helper node
|
| hardware.printers.ensurePrinters.*.name | Name of the printer / printer queue
|
| services.dokuwiki.sites.<name>.acl.*.actor | User or group to restrict
|
| services.bepasty.servers.<name>.dataDir | Path to the directory where the pastes will be saved to
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| services.kimai.sites.<name>.database.host | Database host address.
|
| services.kimai.sites.<name>.database.port | Database host port.
|
| services.i2pd.inTunnels.<name>.outbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.bitcoind.<name>.configFile | The configuration file path to supply bitcoind.
|
| security.pam.services.<name>.mysqlAuth | If set, the pam_mysql module will be used to
authenticate users against a MySQL/MariaDB database.
|
| services.k3s.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.weight | Indicates the priority over identical Subnets owned by different nodes
|
| security.pam.services.<name>.limits.*.type | Type of this limit
|
| services.bacula-fd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| services.bacula-sd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| users.extraUsers.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| services.awstats.configs.<name>.webService.hostname | The hostname the web service appears under.
|
| services.redis.servers.<name>.user | User account under which this instance of redis-server runs.
If left as the default value this user will automatically be
created on system activation, otherwise you are responsible for
ensuring the user exists before the redis service starts.
|
| users.extraUsers.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.ghostunnel.servers.<name>.allowDNS | Allow client if DNS subject alternative name appears in the list.
|
| services.ghostunnel.servers.<name>.allowURI | Allow client if URI subject alternative name appears in the list.
|
| services.logcheck.ignore.<name>.level | Set the logcheck level.
|
| services.sanoid.datasets.<name>.daily | Number of daily snapshots.
|
| services.znapzend.zetup.<name>.enable | Whether to enable this source.
|
| systemd.sockets.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| systemd.targets.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| services.i2pd.outTunnels.<name>.outbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.kubernetes.kubelet.taints.<name>.key | Key of taint.
|
| systemd.network.networks.<name>.quickFairQueueingConfig | Each attribute in this set specifies an option in the
[QuickFairQueueing] section of the unit
|
| services.headscale.settings.database.postgres.name | Database name.
|
| security.acme.certs.<name>.csrKey | Path to the private key to the matching certificate signing request.
|
| services.k3s.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| services.nylon.<name>.deniedIPRanges | Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses:
[ "0.0.0.0/0" ]
To block all other access than the allowed.
|
| services.xserver.xkb.extraLayouts.<name>.compatFile | The path to the xkb compat file
|
| security.pam.services.<name>.limits.*.item | Item this limit applies to
|
| services.kanidm.provision.persons.<name>.legalName | Full legal name
|
| security.pam.services.<name>.makeHomeDir | Whether to try to create home directories for users
with $HOMEs pointing to nonexistent
locations on session login.
|
| services.hostapd.radios.<name>.band | Specifies the frequency band to use, possible values are 2g for 2.4 GHz,
5g for 5 GHz, 6g for 6 GHz and 60g for 60 GHz.
|