| services.nsd.zones.<name>.allowAXFRFallback | If NSD as secondary server should be allowed to AXFR if the primary
server does not allow IXFR.
|
| security.pam.services.<name>.setLoginUid | Set the login uid of the process
(/proc/self/loginuid) for auditing
purposes
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.prefixLength | The prefix length of the subnet
|
| systemd.services.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.paths.<name>.aliases | Aliases of that unit.
|
| systemd.units.<name>.aliases | Aliases of that unit.
|
| systemd.user.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.user.paths.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.nginx.proxyCachePath.<name>.levels | The levels parameter defines structure of subdirectories in cache: from
1 to 3, each level accepts values 1 or 2
|
| services.fedimintd.<name>.enable | Whether to enable fedimintd.
|
| services.nsd.zones.<name>.children | Children zones inherit all options of their parents
|
| services.agate.hostnames | Domain name of this Gemini server, enables checking hostname and port
in requests. (multiple occurrences means basic vhosts)
|
| services.xserver.displayManager.lightdm.greeters.gtk.cursorTheme.name | Name of the cursor theme to use for the lightdm-gtk-greeter.
|
| security.pam.services.<name>.sshAgentAuth | If set, the calling user's SSH agent is used to authenticate
against the keys in the calling user's
~/.ssh/authorized_keys
|
| services.tahoe.introducers.<name>.nickname | The nickname of this Tahoe introducer.
|
| power.ups.ups.<name>.maxStartDelay | This can be set as a global variable above your first UPS
definition and it can also be set in a UPS section
|
| services.awstats.configs.<name>.logFile | The log file to be scanned
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.httpd.virtualHosts.<name>.listen.*.port | Port to listen on
|
| services.borgbackup.jobs.<name>.repo | Remote or local repository to back up to.
|
| services.iodine.clients.<name>.extraConfig | Additional command line parameters
|
| services.nginx.virtualHosts.<name>.listen.*.addr | Listen address.
|
| services.znc.confOptions.networks.<name>.useSSL | Whether to use SSL to connect to the IRC server.
|
| boot.initrd.extraFiles.<name>.source | The object to make available inside the initrd.
|
| services.geth.<name>.websocket.enable | Whether to enable Go Ethereum WebSocket API.
|
| services.udp-over-tcp.tcp2udp.<name>.recvTimeout | An application timeout on receiving data from the TCP socket.
|
| services.nebula.networks.<name>.relays | List of IPs of relays that this node should allow traffic from.
|
| services.udp-over-tcp.udp2tcp.<name>.recvTimeout | An application timeout on receiving data from the TCP socket.
|
| services.snapper.configs.<name>.FSTYPE | Filesystem type
|
| services.nginx.virtualHosts.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.wstunnel.clients.<name>.tlsSNI | Use this as the SNI while connecting via TLS
|
| services.cjdns.ETHInterface.connectTo.<name>.hostname | Optional hostname to add to /etc/hosts; prevents reverse lookup failures.
|
| services.cjdns.UDPInterface.connectTo.<name>.hostname | Optional hostname to add to /etc/hosts; prevents reverse lookup failures.
|
| services.drupal.sites.<name>.virtualHost.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| services.znapzend.zetup.<name>.destinations.<name>.plan | The znapzend backup plan to use for the source
|
| services.drupal.sites.<name>.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| security.pam.services.<name>.failDelay.enable | If enabled, this will replace the FAIL_DELAY setting from login.defs
|
| services.davis.nginx.locations.<name>.index | Adds index directive.
|
| services.davis.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.movim.nginx.locations.<name>.index | Adds index directive.
|
| services.slskd.nginx.locations.<name>.index | Adds index directive.
|
| services.movim.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.slskd.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.hans.clients.<name>.passwordFile | File that contains password
|
| services.nginx.virtualHosts.<name>.default | Makes this vhost the default.
|
| services.drupal.sites.<name>.virtualHost.adminAddr | E-mail address of the server administrator.
|
| services.graylog.rootUsername | Name of the default administrator user
|
| services.metricbeat.modules.<name>.module | The name of the module
|
| services.httpd.virtualHosts.<name>.sslServerKey | Path to server SSL certificate key.
|
| services.tinc.networks.<name>.debugLevel | The amount of debugging information to add to the log. 0 means little
logging while 5 is the most logging. man tincd for
more details.
|
| virtualisation.interfaces.<name>.name | Interface name
|
| services.nginx.proxyCachePath.<name>.useTempPath | Nginx first writes files that are destined for the cache to a temporary
storage area, and the use_temp_path=off directive instructs Nginx to
write them to the same directories where they will be cached
|
| services.tor.relay.onionServices.<name>.path | Path where to store the data files of the hidden service
|
| services.wstunnel.servers.<name>.tlsKey | TLS key to use instead of the hardcoded on in case of HTTPS connections
|
| services.fedimintd.<name>.api_ws.url | Public URL of the API address of the reverse proxy/tls terminator
|
| systemd.user.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| systemd.user.slices.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.timers.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.github-runners.<name>.user | User under which to run the service
|
| services.spiped.config.<name>.waitForDNS | Wait for DNS
|
| users.extraUsers.<name>.extraGroups | The user's auxiliary groups.
|
| services.rke2.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| services.httpd.virtualHosts.<name>.http2 | Whether to enable HTTP 2
|
| services.firezone.server.provision.accounts.<name>.groups.<name>.members | The members of this group
|
| services.opensearch.settings."cluster.name" | The name of the cluster.
|
| hardware.alsa.controls.<name>.device | Name of the PCM device to control (slave).
|
| services.firewalld.zones.<name>.ports.*.port | |
| services.sourcehut.settings."builds.sr.ht::worker".name | Listening address and listening port
of the build runner (with HTTP port if not 80).
|
| services.bitcoind.<name>.extraConfig | Additional configurations to be appended to bitcoin.conf.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.postPublish | How long after deactivation to keep a key in the zone
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.postPublish | How long after deactivation to keep a key in the zone
|
| services.kanata.keyboards.<name>.port | Port to run the TCP server on. null will not run the server.
|
| services.sympa.settingsFile.<name>.enable | Whether this file should be generated
|
| services.postfix.masterConfig.<name>.args | Arguments to pass to the command
|
| services.syncoid.commands.<name>.sshKey | SSH private key file to use to login to the remote system
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses.*.address | The external IP address or hostname where the host can be reached.
|
| boot.initrd.systemd.groups.<name>.gid | ID of the group in initrd.
|
| services.i2pd.ifname4 | IPv4 interface to bind to.
|
| services.i2pd.ifname6 | IPv6 interface to bind to.
|
| services.xserver.displayManager.lightdm.greeters.enso.cursorTheme.name | Name of the cursor theme to use for the lightdm-enso-os-greeter
|
| users.extraUsers.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| services.kanidm.provision.systems.oauth2.<name>.preferShortUsername | Use 'name' instead of 'spn' in the preferred_username claim
|
| services.rke2.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| services.gancio.nginx.locations.<name>.root | Root directory for requests.
|
| services.fedimintd.<name>.bitcoin.rpc.kind | Kind of a bitcoin node.
|
| services.akkoma.nginx.locations.<name>.root | Root directory for requests.
|
| services.fluidd.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.index | Adds index directive.
|
| services.matomo.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.monica.nginx.locations.<name>.root | Root directory for requests.
|
| services.netbird.tunnels.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.netbird.clients.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.wyoming.piper.servers.<name>.extraArgs | Extra arguments to pass to the server commandline.
|
| services.wyoming.piper.servers.<name>.enable | Whether to enable Wyoming Piper server.
|
| services.fedimintd.<name>.bitcoin.rpc.url | Bitcoin node (bitcoind/electrum/esplora) address to connect to
|
| services.ddclient.username | User name.
|
| services.dokuwiki.sites.<name>.phpPackage | The php package to use.
|
| services.redis.servers.<name>.requirePassFile | File with password for the database.
|