| services.minio.enable | Whether to enable Minio Object Storage.
|
| services.smartd.notifications.mail.enable | Whenever to send e-mail notifications.
|
| services.prometheus.remoteRead.*.proxy_url | Optional Proxy URL.
|
| services.pghero.package | The pghero package to use.
|
| services.mysql.settings | MySQL configuration
|
| services.prometheus.exporters.junos-czerwonk.user | User name under which the junos-czerwonk exporter shall be run.
|
| services.prometheus.exporters.dmarc.user | User name under which the dmarc exporter shall be run.
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.oauth2.scopes | Scopes for the token request.
|
| services.tautulli.port | TCP port where Tautulli listens.
|
| services.taler.exchange.settings | Configuration options for the taler exchange config file
|
| services.maddy.config | Server configuration, see
https://maddy.email for
more information
|
| services.namecoind.rpc.address | IP address the RPC server will bind to.
|
| services.umurmur.settings.max_bandwidth | Maximum bandwidth (in bits per second) that clients may send
speech at.
|
| services.netclient.enable | Whether to enable Netclient Daemon.
|
| services.outline.oidcAuthentication.scopes | OpenID authentication scopes.
|
| services.syncthing.overrideDevices | Whether to delete the devices which are not configured via the
devices option
|
| services.pinchflat.extraConfig | The configuration of Pinchflat is handled through environment variables
|
| services.syncoid.package | The sanoid package to use.
|
| services.nsd.tcpQueryCount | Maximum number of queries served on a single TCP connection.
0 means no maximum.
|
| services.saunafs.metalogger.settings.DATA_PATH | Data storage directory
|
| services.suricata.settings.vars.port-groups | The port group variables for suricata.
|
| services.locate.extraFlags | Extra flags to pass to updatedb.
|
| services.netbird.clients | Attribute set of NetBird client daemons, by default each one will:
- be manageable using dedicated tooling:
netbird-<name> script,NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),
- run as a
netbird-<name>.service,
- listen for incoming remote connections on the port
51820 (openFirewall by default),
- manage the
netbird-<name> wireguard interface,
- use the /var/lib/netbird-/config.json configuration file,
- override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
- (
hardened) be locally manageable by netbird-<name> system group,
With following caveats:
- multiple daemons will interfere with each other's DNS resolution of
netbird.cloud, but
should remain fully operational otherwise
|
| services.oauth2-proxy.redirectURL | The OAuth2 redirect URL.
|
| services.peertube-runner.settings | Configuration for peertube-runner
|
| services.snipe-it.database.user | Database username.
|
| services.smartd.notifications.wall.enable | Whenever to send wall notifications to all users.
|
| services.nbd.server.exports.<name>.allowAddresses | IPs and subnets that are authorized to connect for this device
|
| services.netbird.clients.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.plantuml-server.home | Home directory of the PlantUML server instance.
|
| services.prometheus.exporters.pve.port | Port to listen on.
|
| services.prometheus.exporters.artifactory.extraFlags | Extra commandline options to pass to the artifactory exporter.
|
| services.ncps.cache.databaseURLFile | File containing the URL of the database.
|
| services.nginx.proxyCachePath.<name>.inactive | Cached data that has not been accessed for the time specified by
the inactive parameter is removed from the cache, regardless of
its freshness.
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.authorization | Optional Authorization header configuration.
|
| services.plex.user | User account under which Plex runs.
|
| services.tayga.ipv4 | IPv4-specific configuration.
|
| services.qui.settings.host | The host address qui listens on.
|
| services.prometheus.listenAddress | Address to listen on for the web interface, API, and telemetry.
|
| services.rabbitmq.managementPlugin.port | On which port to run the management plugin
|
| services.suricata.settings.run-as.group | Run Suricata with a specific group-id.
|
| services.monica.nginx.listen.*.port | Port number to listen on
|
| services.netbird.server.management.extraOptions | Additional options given to netbird-mgmt as commandline arguments.
|
| services.nginx.virtualHosts.<name>.http2 | Whether to enable the HTTP/2 protocol
|
| services.mailman.webUser | User to run mailman-web as
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.oauth2.client_id | OAuth client ID.
|
| services.public-inbox.enable | Whether to enable the public-inbox mail archiver.
|
| services.ollama.enable | Whether to enable ollama server for local large language models.
|
| services.prometheus.exporters.klipper.group | Group under which the klipper exporter shall be run.
|
| services.sympa.settingsFile.<name>.enable | Whether this file should be generated
|
| services.prometheus.exporters.mongodb.telemetryPath | Metrics expose path
|
| services.system76-scheduler.settings.processScheduler.foregroundBoost.foreground.ioPrio | IO scheduler priority.
|
| services.syncthing.relay.enable | Whether to enable Syncthing relay service.
|
| services.limesurvey.httpd.virtualHost.http2 | Whether to enable HTTP 2
|
| services.postgresql.package | The package being used by postgresql.
|
| services.prometheus.exporters.unpoller.loki.verify_ssl | Verify Loki's certificate.
|
| services.matrix-alertmanager.homeserverUrl | URL of the Matrix homeserver to use.
|
| services.ncdns.settings | ncdns settings
|
| services.tuned.settings.dynamic_tuning | Whether to enable dynamic tuning.
|
| services.turn-rs.settings | Turn-rs server config file
|
| services.nominatim.database.host | Host of the postgresql server
|
| services.radicle.ci.broker.settings.adapters | CI adapters
|
| services.prosody.modules.server_contact_info | Publish contact information for this service
|
| services.prometheus.exporters.artifactory.artiAccessToken | Access token for authentication against JFrog Artifactory API
|
| services.public-inbox.inboxes.<name>.watchheader | If specified, public-inbox-watch(1) will only process
mail containing a matching header.
|
| services.rsync.jobs.<name>.sources | Source directories.
|
| services.reposilite.database.host | Database host address.
|
| services.mastodon.webProcesses | Processes used by the mastodon-web service.
|
| services.logstash.dataDir | A path to directory writable by logstash that it uses to store data
|
| services.lvm.boot.vdo.enable | Whether to enable support for booting from VDOLVs.
|
| services.smartd.devices | List of devices to monitor.
|
| services.pixelfed.runtimeDir | Ruutime directory of the pixelfed user which holds
the application's caches and temporary files.
|
| services.navidrome.package | The navidrome package to use.
|
| services.limesurvey.nginx.virtualHost.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.misskey.reverseProxy.webserver.nginx.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.prometheus.exporters.mqtt.esphomeTopicPrefixes | MQTT topic used for ESPHome messages.
|
| services.phpfpm.pools | PHP-FPM pools
|
| services.overseerr.package | The overseerr package to use.
|
| services.readarr.group | Group under which Readarr runs.
|
| services.tts.servers.<name>.enable | Whether to enable Coqui TTS server.
|
| services.sshwifty.settings | Configuration for Sshwifty
|
| services.marytts.package | The marytts package to use.
|
| services.pdfding.gunicorn.extraArgs | Command line arguments passed to Gunicorn server.
|
| services.mlmmj.listDomain | Set the mailing list domain
|
| services.subsonic.transcoders | List of paths to transcoder executables that should be accessible
from Subsonic
|
| services.moosefs.master.openFirewall | Whether to automatically open required firewall ports for master service.
|
| services.tarsnap.enable | Whether to enable periodic tarsnap backups.
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.username | username is required if using Identity V2 API
|
| services.softether.vpnserver.enable | Whether to enable SoftEther VPN Server.
|
| services.terraria.worldPath | The path to the world file (.wld) which should be loaded
|
| services.opensearch.settings."network.host" | Which port this service should listen on.
|
| services.prometheus.exporters.kafka.listenAddress | Address to listen on.
|
| services.redsocks.redsocks.*.redirectInternetOnly | Exclude all non-globally-routable IPs from redsocks
|
| services.mediawiki.httpd.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.prometheus.exporters.dnsmasq.leasesPath | Path to the dnsmasq.leases file.
|
| services.mbpfan.settings.general.polling_interval | The polling interval.
|
| services.nextcloud-spreed-signaling.settings.https.listen | IP and port to listen on for HTTPS requests, in the format of ip:port
|
| services.radicle.ci.adapters.native.instances.<name>.settings | Configuration of radicle-native-ci
|
| services.snipe-it.nginx.locations.<name>.root | Root directory for requests.
|
| services.tcsd.kernelPCRs | PCR indices used in the TPM for kernel measurements.
|