| services.send.package | The send package to use.
|
| services.taler.exchange.package | The taler-exchange package to use.
|
| services.strongswan-swanctl.swanctl.secrets.ntlm.<name>.secret | Value of the NTLM secret, which is the NT Hash of the actual secret,
that is, MD4(UTF-16LE(secret))
|
| services.paperless.exporter.directory | Directory to store export.
|
| services.marytts.enable | Whether to enable MaryTTS.
|
| services.prometheus.exporters.graphite.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.graphite.openFirewall
is true
|
| services.lidarr.settings.server.port | Port Number
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.prometheus.remoteWrite.*.sigv4.access_key | The Access Key ID.
|
| services.sabnzbd.settings.misc.port | Port for the Web UI to listen on for incoming connections.
|
| services.netbird.tunnels.<name>.config | Additional configuration that exists before the first start and
later overrides the existing values in config.json
|
| services.prometheus.remoteWrite.*.headers | Custom HTTP headers to be sent along with each remote write request
|
| services.meme-bingo-web.port | Port to be used for the web server.
|
| services.prometheus.exporters.nextcloud.user | User name under which the nextcloud exporter shall be run.
|
| services.postfix.enableHeaderChecks | Whether to enable postfix header checks
|
| services.schleuder.settings | Settings for schleuder.yml
|
| services.scrutiny.settings.web.listen.basepath | If Scrutiny will be behind a path prefixed reverse proxy, you can override this
value to serve Scrutiny on a subpath.
|
| services.mosquitto.listeners.*.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the MQTT user
|
| services.qbittorrent.serverConfig | Free-form settings mapped to the qBittorrent.conf file in the profile
|
| services.subsonic.defaultPodcastFolder | Configure Subsonic to use this folder for Podcasts
|
| services.lighthouse.beacon.execution.address | Listen address for the execution layer.
|
| services.mosquitto.enable | Whether to enable the MQTT Mosquitto broker.
|
| services.livekit.ingress.package | The livekit-ingress package to use.
|
| services.nginx.sso.package | The nginx-sso package to use.
|
| services.prometheus.scrapeConfigs.*.nerve_sd_configs.*.paths | Paths can point to a single service, or the root of a tree of services.
|
| services.monica.maxUploadSize | The maximum size for uploads (e.g. images).
|
| services.lldap.settings.ldap_user_pass | Password for default admin password
|
| services.owncast.port | TCP port where owncast web-gui listens.
|
| services.pretix.settings.database.host | Database host or socket path.
|
| services.postfix.settings.main.message_size_limit | Maximum size of an email message in bytes.
https://www.postfix.org/postconf.5.html#message_size_limit
|
| services.psd.resyncTimer | The amount of time to wait before syncing browser profiles back to the
disk
|
| services.sftpgo.group | Group name under which SFTPGo runs.
|
| services.triggerhappy.user | User account under which triggerhappy runs.
|
| services.prometheus.exporters.ping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ping.openFirewall is true.
|
| services.monica.nginx.listen.*.extraParameters | Extra parameters of this listen directive.
|
| services.openwebrx.enable | Whether to enable OpenWebRX Web interface for Software-Defined Radios on http://localhost:8073.
|
| services.postgresql.enableTCPIP | Whether PostgreSQL should listen on all network interfaces
|
| services.sogo.configReplaces | Replacement-filepath mapping for sogo.conf
|
| services.prometheus.exporters.fritz.enable | Whether to enable the prometheus fritz exporter.
|
| services.swapspace.enable | Whether to enable Swapspace, a dynamic swap space manager.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.refresh_interval | Refresh interval to re-read the managed targets list
|
| services.tomcat.enable | Whether to enable Apache Tomcat.
|
| services.prometheus.exporters.py-air-control.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.py-air-control.openFirewall is true.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.basic_auth | Optional HTTP basic authentication information.
|
| services.pgscv.package | The pgscv package to use.
|
| services.limesurvey.httpd.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.tor.settings.FascistFirewall | See torrc manual.
|
| services.matrix-conduit.settings.global.address | Address to listen on for connections by the reverse proxy/tls terminator.
|
| services.mediatomb.enable | Whether to enable the Gerbera/Mediatomb DLNA server.
|
| services.r53-ddns.ttl | The TTL for the generated record
|
| services.prometheus.exporters.ecoflow.exporterType | The type of exporter you'd like to use
|
| services.openssh.knownHosts.<name>.hostNames | A list of host names and/or IP numbers used for accessing
the host's ssh service
|
| services.sanoid.datasets.<name>.hourly | Number of hourly snapshots.
|
| services.transmission.extraFlags | Extra flags passed to the transmission command in the service definition.
|
| services.mastodon.secretKeyBaseFile | Path to file containing the secret key base
|
| services.prometheus.exporters.json.port | Port to listen on.
|
| services.prometheus.exporters.bind.enable | Whether to enable the prometheus bind exporter.
|
| services.self-deploy.nixAttribute | Attribute of nixFile that builds the current system.
|
| services.postgres-websockets.environment | postgres-websockets configuration as defined in:
https://github.com/diogob/postgres-websockets/blob/master/src/PostgresWebsockets/Config.hs#L71-L87
PGWS_DB_URI is represented as an attribute set, see [`environment
|
| services.nitter.preferences.hideReplies | Hide tweet replies.
|
| services.slskd.settings.web.https.disabled | Disable the built-in HTTPS server
|
| services.pgbackrest.commands.stanza-upgrade | Options for the 'stanza-upgrade' command
|
| services.opendkim.configFile | Additional opendkim configuration as a file.
|
| services.prometheus.exporters.graphite.extraFlags | Extra commandline options to pass to the graphite exporter.
|
| services.prometheus.scrapeConfigs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.thanos.downsample.log.level | Log filtering level
|
| services.maubot.settings.server.ui_base_path | The base path for the UI.
|
| services.netbox.ldapConfigPath | Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py
|
| services.monica.nginx.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.outline.storage.region | AWS S3 region name.
|
| services.snipe-it.nginx.sslCertificate | Path to server SSL certificate.
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.filters.*.name | Name of the filter
|
| services.prometheus.exporters.unpoller.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.unpoller.openFirewall is true.
|
| services.pretix.settings.mail.from | E-Mail address used in the FROM header of outgoing mails.
|
| services.nsd.hideVersion | Whether NSD should answer VERSION
|
| services.pinchflat.mediaDir | The directory into which Pinchflat downloads videos.
|
| services.tarsnap.archives.<name>.keyfile | Set a specific keyfile for this archive
|
| services.thanos.sidecar.log.level | Log filtering level
|
| services.netbird.server.coturn.passwordFile | The path to a file containing the password of the user used by netbird to connect to the coturn server.
|
| services.limesurvey.nginx.virtualHost.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.prometheus.exporters.statsd.extraFlags | Extra commandline options to pass to the statsd exporter.
|
| services.mailcatcher.smtp.ip | The ip address of the smtp server.
|
| services.prometheus.exporters.mqtt.topicLabel | Define the Prometheus label for the topic.
|
| services.public-inbox.inboxes.<name>.url | URL where this inbox can be accessed over HTTP.
|
| services.nagios.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.screego.enable | Whether to enable screego screen-sharing server for developers.
|
| services.lifecycled.debug | Enable debugging information.
|
| services.nginx.virtualHosts.<name>.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| services.molly-brown.hostName | The hostname to respond to requests for
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.peertube.redis.passwordFile | Password for redis database.
|
| services.octoprint.host | Host to bind OctoPrint to.
|
| services.prometheus.exporters.flow.user | User name under which the flow exporter shall be run.
|
| services.nextcloud.nginx.enableFastcgiRequestBuffering | Whether to buffer requests against fastcgi requests
|
| services.matrix-tuwunel.settings | Generates the tuwunel.toml configuration file
|
| services.n8n.environment.N8N_DIAGNOSTICS_ENABLED | Whether to share selected, anonymous telemetry with n8n
|
| services.prometheus.exporters.nginx.sslVerify | Whether to perform certificate verification for https.
|
| services.rss-bridge.virtualHost | Name of the nginx or caddy virtualhost to use and setup
|
| services.prometheus.exporters.redis.listenAddress | Address to listen on.
|
| services.tor.client.onionServices.<name>.clientAuthorizations | Clients' authorizations for a v3 onion service,
as a list of files containing each one private key, in the format:
descriptor:x25519:<base32-private-key>
See torrc manual.
|