| systemd.paths.<name>.aliases | Aliases of that unit.
|
| systemd.units.<name>.aliases | Aliases of that unit.
|
| systemd.user.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.sourcehut.settings."builds.sr.ht::worker".name | Listening address and listening port
of the build runner (with HTTP port if not 80).
|
| services.spiped.config.<name>.source | Address on which spiped should listen for incoming
connections
|
| services.hostapd.radios.<name>.driver | The driver hostapd will use.
nl80211 is used with all Linux mac80211 drivers.
none is used if building a standalone RADIUS server that does
not control any wireless/wired driver
|
| services.redis.servers.<name>.masterAuth | If the master is password protected (using the requirePass configuration)
it is possible to tell the slave to authenticate before starting the replication synchronization
process, otherwise the master will refuse the slave request.
(STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.address | The subnet of this host
|
| services.vault-agent.instances.<name>.group | Group under which this instance runs.
|
| services.jupyterhub.kernels.<name>.displayName | Name that will be shown to the user.
|
| services.wstunnel.servers.<name>.listen.host | The hostname.
|
| services.wstunnel.servers.<name>.listen.port | The port.
|
| systemd.services.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.openvpn.servers | Each attribute of this option defines a systemd service that
runs an OpenVPN instance
|
| services.restic.backups.<name>.extraBackupArgs | Extra arguments passed to restic backup.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| services.firewalld.services.<name>.short | Short description for the service.
|
| services.firewalld.zones.<name>.services | Services to allow in the zone.
|
| services.davis.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.slskd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.movim.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.borgbackup.jobs.<name>.paths | Path(s) to back up
|
| services.znapzend.zetup.<name>.mbuffer.size | The size for mbuffer
|
| services.wstunnel.clients.<name>.soMark | Mark network packets with the SO_MARK sockoption with the specified value
|
| services.udp-over-tcp.tcp2udp.<name>.sendBufferSize | If given, sets the SO_SNDBUF option on the TCP socket to the given number of bytes
|
| services.redis.servers.<name>.requirePass | Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.udp-over-tcp.udp2tcp.<name>.sendBufferSize | If given, sets the SO_SNDBUF option on the TCP socket to the given number of bytes
|
| services.udp-over-tcp.tcp2udp.<name>.recvBufferSize | If given, sets the SO_RCVBUF option on the TCP socket to the given number of bytes
|
| services.udp-over-tcp.udp2tcp.<name>.recvBufferSize | If given, sets the SO_RCVBUF option on the TCP socket to the given number of bytes
|
| services.icecast.hostname | DNS name or IP address that will be used for the stream directory lookups or possibly the playlist generation if a Host header is not provided.
|
| services.httpd.virtualHosts.<name>.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.nginx.virtualHosts.<name>.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| security.pam.services.<name>.enableAppArmor | Enable support for attaching AppArmor profiles at the
user/group level, e.g., as part of a role based access
control scheme.
|
| services.anubis.instances.<name>.user | The user under which Anubis is run
|
| services.k3s.autoDeployCharts.<name>.version | The version of the Helm chart
|
| users.extraUsers.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.xserver.displayManager.lightdm.greeters.slick.iconTheme.name | Name of the icon theme to use for the lightdm-slick-greeter.
|
| systemd.user.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.timers.<name>.wants | Start the specified units when this unit is started.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.type | The resource type
|
| services.kmonad.keyboards.<name>.config | Keyboard configuration.
|
| services.opkssh.providers.<name>.issuer | Issuer URI
|
| hardware.alsa.cardAliases.<name>.driver | Name of the kernel module that provides the card.
|
| security.pam.services.<name>.sssdStrictAccess | enforce sssd access control
|
| services.tinc.networks.<name>.rsaPrivateKeyFile | Path of the private RSA keyfile.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| services.postfix.settings.master.<name>.type | The type of the service
|
| services.suricata.settings.outputs.*.<name>.enabled | Whether to enable .
|
| services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| services.geth.<name>.authrpc.jwtsecret | Path to a JWT secret for authenticated RPC endpoint.
|
| services.geth.<name>.websocket.address | Listen address of Go Ethereum WebSocket API.
|
| services.borgbackup.jobs.<name>.postInit | Shell commands to run after borg init.
|
| services.wstunnel.servers.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.wstunnel.clients.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.drupal.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.postPublish | How long after deactivation to keep a key in the zone
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.postPublish | How long after deactivation to keep a key in the zone
|
| services.borgbackup.repos.<name>.path | Where to store the backups
|
| security.pam.services.<name>.logFailures | Whether to log authentication failures in /var/log/faillog.
|
| services.tinc.networks.<name>.settings | Configuration of the Tinc daemon for this network
|
| services.borgbackup.jobs.<name>.preHook | Shell commands to run before the backup
|
| systemd.services.<name>.serviceConfig | Each attribute in this set specifies an option in the
[Service] section of the unit
|
| services.wstunnel.clients.<name>.addNetBind | Whether to enable Whether add CAP_NET_BIND_SERVICE to the tunnel service, this should be enabled if you want to bind port < 1024.
|
| services.awstats.configs.<name>.logFormat | The log format being used
|
| services.znapzend.zetup.<name>.presnap | Command to run before snapshots are taken on the source dataset,
e.g. for database locking/flushing
|
| services.geoclue2.appConfig.<name>.users | List of UIDs of all users for which this application is allowed location
info access, Defaults to an empty string to allow it for all users.
|
| services.hostapd.radios.<name>.networks.<name>.dynamicConfigScripts | All of these scripts will be executed in lexicographical order before hostapd
is started, right after the bss segment was generated and may dynamically
append bss options to the generated configuration file
|
| security.acme.certs.<name>.csrKey | Path to the private key to the matching certificate signing request.
|
| users.extraUsers.<name>.extraGroups | The user's auxiliary groups.
|
| services.easytier.instances.<name>.settings | Settings to generate easytier-‹name›.toml
|
| services.geoclue2.appConfig.<name>.isSystem | Whether the application is a system component or not.
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.sanoid.templates.<name>.hourly | Number of hourly snapshots.
|
| services.sanoid.templates.<name>.yearly | Number of yearly snapshots.
|
| boot.initrd.systemd.users.<name>.uid | ID of the user in initrd.
|
| services.snipe-it.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.wyoming.piper.servers.<name>.noiseScale | Generator noise value.
|
| services.nginx.virtualHosts.<name>.http2 | Whether to enable the HTTP/2 protocol
|
| services.httpd.virtualHosts.<name>.sslServerChain | Path to server SSL chain file.
|
| services.tarsnap.archives.<name>.maxbwRateUp | Upload bandwidth rate limit in bytes.
|
| systemd.user.services.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.drupal.sites.<name>.virtualHost.listen.*.ssl | Whether to enable SSL (https) support.
|
| services.caddy.virtualHosts.<name>.extraConfig | Additional lines of configuration appended to this virtual host in the
automatically generated Caddyfile.
|
| services.netbird.clients.<name>.autoStart | Start the service with the system
|
| services.netbird.tunnels.<name>.autoStart | Start the service with the system
|
| services.openvpn.servers.<name>.config | Configuration of this OpenVPN instance
|
| services.nginx.proxyCachePath.<name>.inactive | Cached data that has not been accessed for the time specified by
the inactive parameter is removed from the cache, regardless of
its freshness.
|
| services.restic.backups.<name>.timerConfig | When to run the backup
|
| services.k3s.autoDeployCharts.<name>.enable | Whether to enable the installation of this Helm chart
|
| services.firewalld.zones.<name>.version | Version of the zone.
|
| services.xserver.displayManager.lightdm.greeters.gtk.cursorTheme.name | Name of the cursor theme to use for the lightdm-gtk-greeter.
|
| services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| services.errbot.instances.<name>.admins | List of identifiers of errbot admins.
|
| services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| services.anubis.instances.<name>.enable | Whether to enable this instance of Anubis.
|