| services.dovecot2.user | Dovecot user name.
|
| services.kanidm.provision.persons.<name>.legalName | Full legal name
|
| services.httpd.virtualHosts.<name>.hostName | Canonical hostname for the server.
|
| services.asusd.auraConfigs.<name>.source | Path of the source file.
|
| services.caddy.virtualHosts.<name>.hostName | Canonical hostname for the server.
|
| services.redis.servers.<name>.unixSocket | The path to the socket to bind to.
|
| services.rss2email.feeds.<name>.url | The URL at which to fetch the feed.
|
| services.ghostunnel.servers.<name>.allowOU | Allow client if organizational unit name appears in the list.
|
| systemd.network.links.<name>.linkConfig | Each attribute in this set specifies an option in the
[Link] section of the unit
|
| services.blockbook-frontend.<name>.group | The group as which to run blockbook-frontend-‹name›.
|
| services.xserver.xkb.extraLayouts.<name>.compatFile | The path to the xkb compat file
|
| services.influxdb2.provision.users.<name>.passwordFile | Password for the user
|
| services.drupal.sites.<name>.phpOptions | Options for PHP's php.ini file for this Drupal site.
|
| services.geth.<name>.metrics.address | Listen address of Go Ethereum metrics service.
|
| services.nginx.proxyCachePath.<name>.enable | Whether to enable this proxy cache path entry.
|
| services.dovecot2.imapsieve.mailbox.*.name | This setting configures the name of a mailbox for which administrator scripts are configured
|
| networking.ipips.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.email | The email address used to authenticate as this account
|
| services.gammu-smsd.backend.sql.user | User name used for connection to the database
|
| networking.jool.nat64 | Definitions of NAT64 instances of Jool
|
| services.fedimintd.<name>.api.url | Public URL of the API address of the reverse proxy/tls terminator
|
| services.drupal.sites.<name>.poolConfig | Options for the Drupal PHP pool
|
| services.openafsClient.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.nginx.proxyCachePath.<name>.keysZoneSize | Set size to shared memory zone.
|
| services.openafsServer.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.adapter | The auth adapter type
|
| services.znc.confOptions.userName | The user name used to log in to the ZNC web admin interface.
|
| services.xserver.displayManager.lightdm.greeters.enso.iconTheme.name | Name of the icon theme to use for the lightdm-enso-os-greeter
|
| security.pam.services.<name>.p11Auth | If set, keys listed in
~/.ssh/authorized_keys and
~/.eid/authorized_certificates
can be used to log in with the associated PKCS#11 tokens.
|
| services.ndppd.proxies.<name>.rules | This is a rule that the target address is to match against
|
| security.acme.certs.<name>.webroot | Where the webroot of the HTTP vhost is located.
.well-known/acme-challenge/ directory
will be created below the webroot if it doesn't exist.
http://example.org/.well-known/acme-challenge/ must also
be available (notice unencrypted HTTP).
|
| services.hostapd.radios.<name>.noScan | Disables scan for overlapping BSSs in HT40+/- mode
|
| services.hqplayerd.auth.username | Username used for HQPlayer's WebUI
|
| services.hans.clients.<name>.extraConfig | Additional command line parameters
|
| services.iodine.clients.<name>.server | Hostname of server running iodined
|
| services.dokuwiki.sites.<name>.stateDir | Location of the DokuWiki state directory.
|
| services.rspamd.workers.<name>.enable | Whether to run the rspamd worker.
|
| services.restic.backups.<name>.checkOpts | A list of options for 'restic check'.
|
| services.kimai.sites.<name>.settings | Structural Kimai's local.yaml configuration
|
| services.geth.<name>.authrpc.address | Listen address of Go Ethereum Auth RPC API.
|
| services.phpfpm.pools.<name>.phpPackage | The PHP package to use for running this PHP-FPM pool.
|
| services.restic.backups.<name>.runCheck | Whether to run the check command with the provided checkOpts options.
|
| boot.initrd.systemd.contents.<name>.target | Path of the symlink.
|
| security.wrappers.<name>.setgid | Whether to add the setgid bit the wrapper program.
|
| security.wrappers.<name>.setuid | Whether to add the setuid bit the wrapper program.
|
| services.icingaweb2.modules.monitoring.transports.<name>.username | Username for the api or remote transport
|
| services.mjpg-streamer.user | mjpg-streamer user name.
|
| services.h2o.hosts.<name>.settings | Attrset to be transformed into YAML for host config
|
| hardware.alsa.controls.<name>.maxVolume | The maximum volume in dB.
|
| services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| services.rsync.jobs.<name>.settings | Settings that should be passed to rsync via long options
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.weight | Indicates the priority over identical Subnets owned by different nodes
|
| services.tahoe.nodes.<name>.storage.enable | Whether to enable storage service.
|
| services.wyoming.piper.servers.<name>.uri | URI to bind the wyoming server to.
|
| services.geth.<name>.websocket.port | Port number of Go Ethereum WebSocket API.
|
| services.fedimintd.<name>.api.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| services.fedimintd.<name>.api.port | Port to bind on for API connections relied by the reverse proxy/tls terminator.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.ghostunnel.servers.<name>.allowDNS | Allow client if DNS subject alternative name appears in the list.
|
| services.ghostunnel.servers.<name>.allowURI | Allow client if URI subject alternative name appears in the list.
|
| users.extraUsers.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| systemd.services.<name>.upholds | Keeps the specified running while this unit is running
|
| environment.etc.<name>.mode | If set to something else than symlink,
the file is copied instead of symlinked, with the given
file mode.
|
| systemd.paths.<name>.requisite | Similar to requires
|
| boot.initrd.systemd.contents.<name>.source | Path of the source file.
|
| services.nsd.zones.<name>.dnssecPolicy.keyttl | TTL for dnssec records
|
| services.dokuwiki.sites.<name>.acl.*.actor | User or group to restrict
|
| services.bepasty.servers.<name>.dataDir | Path to the directory where the pastes will be saved to
|
| security.auditd.plugins.<name>.active | Whether to enable Whether to enable this plugin.
|
| services.h2o.hosts.<name>.serverAliases | Additional names of virtual hosts served by this virtual host
configuration.
|
| security.acme.certs.<name>.extraDomainNames | A list of extra domain names, which are included in the one certificate to be issued.
|
| services.ax25.axports.<name>.kissParams | Kissattach parameters for this interface.
|
| services.tahoe.nodes.<name>.client.shares.total | The number of shares required to store a file.
|
| services.i2pd.inTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| security.pam.services.<name>.limits.*.type | Type of this limit
|
| services.xserver.displayManager.lightdm.greeters.slick.iconTheme.name | Name of the icon theme to use for the lightdm-slick-greeter.
|
| containers.<name>.extraVeths.<name>.hostBridge | Put the host-side of the veth-pair into the named bridge
|
| security.pam.services.<name>.mysqlAuth | If set, the pam_mysql module will be used to
authenticate users against a MySQL/MariaDB database.
|
| boot.initrd.luks.devices.<name>.yubikey.twoFactor | Whether to use a passphrase and a YubiKey (true), or only a YubiKey (false).
|
| boot.initrd.luks.devices.<name>.yubikey.keyLength | Length of the LUKS slot key derived with PBKDF2 in byte.
|
| services.bacula-sd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.bacula-fd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.k3s.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| security.pam.services.<name>.failDelay.delay | The delay time (in microseconds) on failure.
|
| services.logcheck.ignore.<name>.level | Set the logcheck level.
|
| services.sanoid.datasets.<name>.daily | Number of daily snapshots.
|
| services.znapzend.zetup.<name>.enable | Whether to enable this source.
|
| boot.initrd.clevis.devices.<name>.secretFile | Clevis JWE file used to decrypt the device at boot, in concert with the chosen pin (one of TPM2, Tang server, or SSS).
|
| systemd.network.networks.<name>.vrf | A list of vrf interfaces to be added to the network section of the
unit
|
| systemd.network.networks.<name>.dns | A list of dns servers to be added to the network section of the
unit
|
| systemd.network.networks.<name>.ntp | A list of ntp servers to be added to the network section of the
unit
|
| services.dawarich.user | User under which dawarich runs
|
| services.xserver.xkb.extraLayouts.<name>.symbolsFile | The path to the xkb symbols file
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.prefixLength | The prefix length of the subnet
|
| services.mosquitto.listeners.*.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the MQTT user
|
| services.tahoe.nodes.<name>.sftpd.accounts.url | URL of the accounts server.
|
| services.keepalived.vrrpScripts.<name>.group | Name of group to run the script under
|
| networking.bridges.<name>.rstp | Whether the bridge interface should enable rstp.
|
| networking.greTunnels.<name>.dev | The underlying network device on which the tunnel resides.
|