| systemd.user.services.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.rke2.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| services.postfix.masterConfig.<name>.type | The type of the service
|
| services.prometheus.exporters.bird.birdSocket | Path to BIRD2 (or BIRD1 v4) socket.
|
| services.xserver.xkb.extraLayouts.<name>.compatFile | The path to the xkb compat file
|
| security.pam.services.<name>.enableUMask | If enabled, the pam_umask module will be loaded.
|
| services.acpid.handlers.<name>.action | Shell commands to execute when the event is triggered.
|
| services.logcheck.ignore.<name>.regex | Regex specifying which log lines to ignore.
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.buildkite-agents.<name>.tags | Tags for the agent.
|
| services.quicktun.<name>.protocol | Which protocol to use.
|
| services.drupal.sites.<name>.extraConfig | Extra configuration values that you want to insert into settings.php
|
| services.quicktun.<name>.timeWindow | Allowed time window for first received packet in seconds (positive number allows packets from history)
|
| services.fedimintd.<name>.nginx.config.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.nginx.virtualHosts.<name>.quic | Whether to enable the QUIC transport protocol
|
| services.nghttpx.backends.*.params.dns | Name resolution of a backends host name is done at start up,
or configuration reload
|
| services.ax25.axports.<name>.callsign | The callsign of the physical interface to bind to.
|
| services.kimai.sites.<name>.database.host | Database host address.
|
| services.kimai.sites.<name>.database.port | Database host port.
|
| services.netbird.tunnels.<name>.logLevel | Log level of the NetBird daemon.
|
| services.netbird.clients.<name>.logLevel | Log level of the NetBird daemon.
|
| services.uhub.<name>.plugins.*.settings | Settings specific to this plugin.
|
| users.extraUsers.<name>.shell | The path to the user's shell
|
| services.limesurvey.nginx.virtualHost.listen.*.port | Port number to listen on
|
| systemd.targets.<name>.wants | Start the specified units when this unit is started.
|
| services.nsd.zones.<name>.maxRefreshSecs | Limit refresh time for secondary zones
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.email | The email address used to authenticate as this account
|
| services.filebeat.inputs.<name>.type | The input type
|
| services.tahoe.nodes.<name>.client.helper | The furl for a Tahoe helper node
|
| systemd.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.rke2.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| image.repart.partitions.<name>.contents.<name>.source | Path of the source file.
|
| services.headscale.settings.database.postgres.name | Database name.
|
| services.frp.instances.<name>.enable | Whether to enable frp.
|
| services.akkoma.frontends.<name>.ref | Akkoma frontend reference.
|
| services.tinc.networks.<name>.package | The tinc_pre package to use.
|
| services.github-runners.<name>.package | The github-runner package to use.
|
| systemd.user.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| security.pam.services.<name>.nodelay | Whether the delay after typing a wrong password should be disabled.
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.adapter | The auth adapter type
|
| services.znapzend.zetup.<name>.plan | The znapzend backup plan to use for the source
|
| services.github-runners.<name>.user | User under which to run the service
|
| users.extraUsers.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.matrix-synapse.settings.listeners.*.tls | Whether to enable TLS on the listener socket.
This option will be ignored for UNIX domain sockets.
|
| services.httpd.virtualHosts.<name>.adminAddr | E-mail address of the server administrator.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.keySize | Key size in bits
|
| services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.keySize | Key size in bits
|
| services.honk.servername | The server name.
|
| systemd.services.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| security.pam.services.<name>.fprintAuth | If set, fingerprint reader will be used (if exists and
your fingerprints are enrolled).
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| fileSystems.<name>.encrypted.label | Label of the unlocked encrypted device
|
| services.dokuwiki.sites.<name>.aclFile | Location of the dokuwiki acl rules
|
| systemd.targets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| services.h2o.hosts.<name>.acme.useHost | An existing Let’s Encrypt certificate to use for this virtual
host
|
| security.pam.services.<name>.limits.*.value | Value of this limit
|
| services.k3s.manifests.<name>.source | Path of the source .yaml file.
|
| services.k3s.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.fedimintd.<name>.nginx.path | Path to host the API on and forward to the daemon's api port
|
| services.pppd.peers.<name>.autostart | Whether the PPP session is automatically started at boot time.
|
| services.inadyn.settings.provider.<name>.hostname | Hostname alias(es).
|
| services.inadyn.settings.provider.<name>.username | Username for this DDNS provider.
|
| services.nginx.virtualHosts.<name>.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.redis.servers.<name>.save | The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes
|
| services.dokuwiki.sites.<name>.acl.*.level | Permission level to restrict the actor(s) to
|
| services.bepasty.servers.<name>.workDir | Path to the working directory (used for config and pidfile)
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|
| services.firewalld.zones.<name>.rules | Rich rules for the zone.
|
| services.restic.backups.<name>.package | The restic package to use.
|
| fileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| systemd.user.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.timers.<name>.wants | Start the specified units when this unit is started.
|
| services.sourcehut.settings."lists.sr.ht::worker".sock-group | The lmtp daemon will make the unix socket group-read/write
for users in this group.
|
| services.onlyoffice.postgresPasswordFile | Path to a file that contains the password OnlyOffice should use to connect to Postgresql
|
| services.redis.servers.<name>.extraParams | Extra parameters to append to redis-server invocation
|
| services.ndppd.proxies.<name>.timeout | Controls how long to wait for a Neighbor Advertisement Message before
invalidating the entry, in milliseconds.
|
| services.quicktun.<name>.remoteFloat | Whether to allow the remote address and port to change when properly encrypted packets are received.
|
| services.fedimintd.<name>.package | The fedimint package to use.
|
| services.rspamd.overrides.<name>.text | Text of the file.
|
| security.pam.services.<name>.limits | Attribute set describing resource limits
|
| systemd.user.services.<name>.scriptArgs | Arguments passed to the main process script
|
| services.tahoe.nodes.<name>.storage.enable | Whether to enable storage service.
|
| services.wyoming.piper.servers.<name>.uri | URI to bind the wyoming server to.
|
| systemd.units.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.timers.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| systemd.paths.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.slices.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| services.xserver.xkb.extraLayouts.<name>.symbolsFile | The path to the xkb symbols file
|
| services.fedimintd.<name>.nginx.fqdn | Public domain of the API address of the reverse proxy/tls terminator.
|
| services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| services.buildkite-agents.<name>.dataDir | The workdir for the agent
|
| services.httpd.virtualHosts.<name>.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| services.nginx.virtualHosts.<name>.acmeRoot | Directory for the ACME challenge, which is public
|
| services.fedimintd.<name>.dataDir | Path to the data dir fedimintd will use to store its data
|
| services.httpd.virtualHosts.<name>.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.nginx.virtualHosts.<name>.addSSL | Whether to enable HTTPS in addition to plain HTTP
|