| services.bitcoind.<name>.testnet | Whether to use the testnet instead of mainnet.
|
| services.drupal.sites.<name>.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.
|
| services.udp-over-tcp.udp2tcp.<name>.forward | The IP and port to forward all traffic to.
|
| services.udp-over-tcp.tcp2udp.<name>.forward | The IP and port to forward all traffic to.
|
| services.udp-over-tcp.tcp2udp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| services.nsd.zones.<name>.rrlWhitelist | Whitelists the given rrl-types.
|
| services.udp-over-tcp.udp2tcp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| fileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| services.keepalived.vrrpScripts.<name>.group | Name of group to run the script under
|
| containers.<name>.flake | The Flake URI of the NixOS configuration to use for the container
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.prefixLength | The prefix length of the subnet
|
| security.pam.services.<name>.updateWtmp | Whether to update /var/log/wtmp.
|
| services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| services.prosody.virtualHosts.<name>.ssl | Paths to SSL files
|
| services.nebula.networks.<name>.isRelay | Whether this node is a relay.
|
| services.logcheck.ignoreCron.<name>.user | User that runs the cronjob.
|
| services.nsd.zones.<name>.maxRefreshSecs | Limit refresh time for secondary zones
|
| services.nginx.virtualHosts.<name>.quic | Whether to enable the QUIC transport protocol
|
| services.tahoe.nodes.<name>.storage.enable | Whether to enable storage service.
|
| services.wyoming.piper.servers.<name>.uri | URI to bind the wyoming server to.
|
| security.acme.certs.<name>.group | Group running the ACME client.
|
| services.drupal.sites.<name>.extraConfig | Extra configuration values that you want to insert into settings.php
|
| services.phpfpm.pools.<name>.phpOptions | "Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."
|
| services.fedimintd.<name>.enable | Whether to enable fedimintd.
|
| security.pam.services.<name>.enableUMask | If enabled, the pam_umask module will be loaded.
|
| services.acpid.handlers.<name>.action | Shell commands to execute when the event is triggered.
|
| services.logcheck.ignore.<name>.regex | Regex specifying which log lines to ignore.
|
| services.postfix.masterConfig.<name>.type | The type of the service
|
| systemd.shutdownRamfs.contents.<name>.dlopen.features | Features to enable via dlopen ELF notes
|
| image.repart.partitions.<name>.contents.<name>.source | Path of the source file.
|
| services.nsd.zones.<name>.dnssecPolicy.keyttl | TTL for dnssec records
|
| systemd.user.targets.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| systemd.user.sockets.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.znapzend.zetup.<name>.plan | The znapzend backup plan to use for the source
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| services.xserver.displayManager.lightdm.greeters.slick.font.name | Name of the font to use.
|
| services.filebeat.inputs.<name>.type | The input type
|
| services.redis.servers.<name>.save | The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes
|
| services.wordpress.sites.<name>.extraConfig | Any additional text to be appended to the wp-config.php
configuration file
|
| services.xserver.displayManager.lightdm.greeters.gtk.theme.name | Name of the theme to use for the lightdm-gtk-greeter.
|
| services.netbird.tunnels.<name>.logLevel | Log level of the NetBird daemon.
|
| services.netbird.clients.<name>.logLevel | Log level of the NetBird daemon.
|
| services.i2pd.inTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.email | The email address used to authenticate as this account
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses.*.address | The external IP address or hostname where the host can be reached.
|
| services.phpfpm.pools.<name>.extraConfig | Extra lines that go into the pool configuration
|
| services.bacula-sd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.bacula-fd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.nghttpx.backends.*.params.dns | Name resolution of a backends host name is done at start up,
or configuration reload
|
| services.znapzend.zetup.<name>.destinations.<name>.plan | The znapzend backup plan to use for the source
|
| security.pam.services.<name>.nodelay | Whether the delay after typing a wrong password should be disabled.
|
| services.frp.instances.<name>.enable | Whether to enable frp.
|
| services.akkoma.frontends.<name>.ref | Akkoma frontend reference.
|
| services.redis.servers.<name>.unixSocketPerm | Change permissions for the socket
|
| services.tinc.networks.<name>.package | The tinc_pre package to use.
|
| security.pam.services.<name>.failDelay.delay | The delay time (in microseconds) on failure.
|
| users.extraUsers.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| services.honk.servername | The server name.
|
| services.dokuwiki.sites.<name>.aclFile | Location of the dokuwiki acl rules
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.adapter | The auth adapter type
|
| services.tahoe.introducers.<name>.nickname | The nickname of this Tahoe introducer.
|
| services.blockbook-frontend.<name>.certFile | To enable SSL, specify path to the name of certificate files without extension
|
| boot.initrd.extraFiles.<name>.source | The object to make available inside the initrd.
|
| security.pam.services.<name>.fprintAuth | If set, fingerprint reader will be used (if exists and
your fingerprints are enrolled).
|
| services.httpd.virtualHosts.<name>.adminAddr | E-mail address of the server administrator.
|
| services.prosody.virtualHosts.<name>.ssl.key | Path to the key file.
|
| nix.registry.<name>.exact | Whether the from reference needs to match exactly
|
| boot.initrd.luks.devices.<name>.preLVM | Whether the luksOpen will be attempted before LVM scan or after it.
|
| services.metricbeat.modules.<name>.module | The name of the module
|
| services.xserver.xkb.extraLayouts.<name>.symbolsFile | The path to the xkb symbols file
|
| services.dokuwiki.sites.<name>.acl.*.level | Permission level to restrict the actor(s) to
|
| services.bepasty.servers.<name>.workDir | Path to the working directory (used for config and pidfile)
|
| services.spiped.config.<name>.encrypt | Take unencrypted connections from the
source socket and send encrypted
connections to the target socket.
|
| services.spiped.config.<name>.decrypt | Take encrypted connections from the
source socket and send unencrypted
connections to the target socket.
|
| services.h2o.hosts.<name>.tls.extraSettings | Additional TLS/SSL-related configuration options
|
| services.bitcoind.<name>.extraConfig | Additional configurations to be appended to bitcoin.conf.
|
| services.fedimintd.<name>.nginx.path | Path to host the API on and forward to the daemon's api port
|
| services.pppd.peers.<name>.autostart | Whether the PPP session is automatically started at boot time.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.i2pd.outTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| services.tahoe.nodes.<name>.sftpd.hostPublicKeyFile | Path to the SSH host public key.
|
| security.pam.services.<name>.limits | Attribute set describing resource limits
|
| security.pam.services.<name>.limits.*.value | Value of this limit
|
| services.k3s.manifests.<name>.source | Path of the source .yaml file.
|
| services.k3s.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.drupal.sites.<name>.database.user | Database user.
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| power.ups.upsmon.monitor.<name>.type | The relationship with upsd
|
| services.inadyn.settings.provider.<name>.hostname | Hostname alias(es).
|
| services.inadyn.settings.provider.<name>.username | Username for this DDNS provider.
|
| services.httpd.virtualHosts.<name>.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.nginx.virtualHosts.<name>.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.ndppd.proxies.<name>.timeout | Controls how long to wait for a Neighbor Advertisement Message before
invalidating the entry, in milliseconds.
|
| services.redis.servers.<name>.group | Group account under which this instance of redis-server runs.
If left as the default value this group will automatically be
created on system activation, otherwise you are responsible for
ensuring the group exists before the redis service starts.
|
| systemd.shutdownRamfs.contents.<name>.dlopen.usePriority | Priority of dlopen ELF notes to include. "required" is
minimal, "recommended" includes "required", and
"suggested" includes "recommended"
|
| services.redis.servers.<name>.extraParams | Extra parameters to append to redis-server invocation
|
| users.users.<name>.useDefaultShell | If true, the user's shell will be set to
users.defaultUserShell.
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|