| services.lubelogger.environmentFile | Path to a file containing extra LubeLogger config options in the systemd EnvironmentFile format
|
| services.system76-scheduler.settings.cfsProfiles.responsive.preempt | Preemption mode.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.system76-scheduler.settings.cfsProfiles.responsive.nr-latency | sched_nr_latency.
|
| system.nssDatabases.group | List of group entries to configure in /etc/nsswitch.conf
|
| system.nssDatabases.hosts | List of hosts entries to configure in /etc/nsswitch.conf
|
| system.nssDatabases.shadow | List of shadow entries to configure in /etc/nsswitch.conf
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.cloudflared.tunnels.<name>.credentialsFile | Credential file
|
| services.matrix-synapse.settings.log_config | The file that holds the logging configuration.
|
| services.siproxd.passwordFile | Path to per-user password file.
|
| services.asusd.userLedModesConfig.source | Path of the source file.
|
| services.gns3-server.settings | The global options in config file in ini format
|
| services.asusd.fanCurvesConfig.source | Path of the source file.
|
| services.goeland.settings | Configuration of goeland
|
| services.coturn.realm | The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
and the userdb file)
|
| programs.neovim.runtime.<name>.source | Path of the source file.
|
| security.pam.services.<name>.unixAuth | Whether users can log in with passwords defined in
/etc/shadow.
|
| services.asusd.auraConfigs.<name>.source | Path of the source file.
|
| services.diod.statfsPassthru | This option configures statfs to return the host file system's type
rather than V9FS_MAGIC.
|
| services.cassandra.extraEnvSh | Extra shell lines to be appended onto cassandra-env.sh.
|
| services.gitlab.backup.skip | Directories to exclude from the backup
|
| services.terraria.worldPath | The path to the world file (.wld) which should be loaded
|
| services.ttyd.passwordFile | File containing the password to use for basic http authentication
|
| services.promtail.configFile | Config file path for Promtail
|
| services.trickster.configFile | Path to configuration file.
|
| services.sickbeard.configFile | Path to config file.
|
| services.nezha-agent.settings | Generate to config.json as a Nix attribute set
|
| services.longview.apiKeyFile | A file containing the Longview API key
|
| services.opengfw.settingsFile | Path to file containing OpenGFW settings.
|
| services.mysql.initialScript | A file containing SQL statements to be executed on the first startup
|
| services.pdns-recursor.luaConfig | The content Lua configuration file for PowerDNS Recursor
|
| services.listmonk.secretFile | A file containing secrets as environment variables
|
| services.phpfpm.pools.<name>.socket | Path to the unix socket file on which to accept FastCGI requests.
This option is read-only and managed by NixOS.
|
| services.privoxy.userActions | Actions to be included in a user.action file
|
| nix.buildMachines.*.sshKey | The path to the SSH private key with which to authenticate on
the build machine
|
| services.transmission.credentialsFile | Path to a JSON file to be merged with the settings
|
| services.wakapi.passwordSaltFile | The path to a file containing the password salt to use for Wakapi.
|
| services.jicofo.userPasswordFile | Path to file containing password for XMPP user connection.
|
| services.forgejo.database.path | Path to the sqlite3 database file.
|
| security.loginDefs.settings.UMASK | The file mode creation mask is initialized to this value.
|
| services.drupal.sites.<name>.phpOptions | Options for PHP's php.ini file for this Drupal site.
|
| services.headscale.configFile | Path to the configuration file of headscale.
|
| services.forgejo.customDir | Base directory for custom templates and other options
|
| services.athens.storage.s3.token | Token for the S3 storage backend
|
| services.gitea.database.socket | Path to the unix socket file to use for authentication.
|
| services.jigasi.userPasswordFile | Path to file containing password for XMPP user connection.
|
| services.synergy.server.configFile | The Synergy server configuration file.
|
| services.postfix.virtualMapType | What type of virtual alias map file to use
|
| services.ncdns.dnssec.keys.private | Path to the file containing the KSK private key.
|
| services.pihole-ftl.macvendorURL | URL from which to download the macvendor.db file.
|
| services.privoxy.userFilters | Filters to be included in a user.filter file
|
| services.pixelfed.secretFile | A secret file to be sourced for the .env settings
|
| services.ncdns.settings | ncdns settings
|
| services.munin-node.extraPluginConfig | plugin-conf.d extra plugin configuration
|
| services.prosody.extraConfig | Additional prosody configuration
The generated file is processed by envsubst to allow secrets to be passed securely via environment variables.
|
| services.radicle.publicKey | An SSH public key (as an absolute file path or directly as a string),
usually generated by rad auth
|
| services.xonotic.settings | Generates the server.cfg file
|
| services.vikunja.database.path | Path to the sqlite3 database file.
|
| containers.<name>.tmpfs | Mounts a set of tmpfs file systems into the container
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| services.sks.extraDbConfig | Set contents of the files "KDB/DB_CONFIG" and "PTree/DB_CONFIG" within
the ${dataDir} directory
|
| services.rspamd.overrides | Overridden configuration files, written into /etc/rspamd/override.d/{name}.
|
| services.mopidy.extraConfigFiles | Extra config file read by Mopidy when the service starts
|
| services.rss-bridge.config.FileCache.path | Directory where to store cache files (if cache.type = "file").
|
| services.rspamd.locals.<name>.enable | Whether this file locals should be generated
|
| services.journald.rateLimitBurst | Configures the rate limiting burst limit (number of messages per
interval) that is applied to all messages generated on the system
|
| services.wakapi.smtpPasswordFile | The path to a file containing the password for the smtp mailer used by Wakapi.
|
| services.actkbd.bindings | Key bindings for actkbd
|
| services.akkoma.config | Configuration for Akkoma
|
| services.duckdns.domainsFile | The path to a file containing a
newline-separated list of DuckDNS
domain(s) to be updated
(without the .duckdns.org suffix)
|
| services.davis.adminPasswordFile | The full path to a file that contains the admin's password
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| services.atd.allowEveryone | Whether to make /var/spool/at{jobs,spool}
writeable by everyone (and sticky)
|
| services.gitea.mailerPasswordFile | Path to a file containing the SMTP password.
|
| services.gnome.gnome-user-share.enable | Whether to enable GNOME User Share, a user-level file sharing service for GNOME.
|
| services.froide-govplan.secretKeyFile | Path to a file containing the secret key.
|
| services.bitcoind.<name>.extraConfig | Additional configurations to be appended to bitcoin.conf.
|
| image.repart.mkfsOptions | Specify extra options for created file systems
|
| services.displayManager.logToFile | Whether the display manager redirects the output of the
session script to ~/.xsession-errors.
|
| services.bluemap.coreSettings | Settings for the core.conf file, see upstream docs.
|
| services.rsyslogd.extraConfig | Additional text appended to syslog.conf,
i.e. the contents of defaultConfig.
|
| services.lighttpd.configText | Overridable config file contents to use for lighttpd
|
| services.osquery.settings | Configuration to be written to the osqueryd JSON configuration file
|
| services.mycelium.keyFile | Optional path to a file containing the mycelium key material
|
| users.extraUsers.<name>.isNormalUser | Indicates whether this is an account for a “real” user
|
| services.davis.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.movim.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.slskd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.grafana.settings.security.secret_key | Secret key used for signing
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.neo4j.ssl.policies.<name>.publicCertificate | The name of public X.509 certificate (chain) file in PEM format
for this policy to be found in the baseDirectory,
or the absolute path to the certificate file
|
| services.bacula-dir.port | Specify the port (a positive integer) on which the Director daemon
will listen for Bacula Console connections
|
| services.diod.squashuser | Change the squash user
|
| services.forgejo.settings | Free-form settings written directly to the app.ini configfile file
|
| services.graphite.carbon.config | Content of carbon configuration file.
|
| programs.nncp.settings | NNCP configuration, see
http://www.nncpgo.org/Configuration.html
|
| services.ergochat.settings | Ergo IRC daemon configuration file.
https://raw.githubusercontent.com/ergochat/ergo/master/default.yaml
|
| security.auditd.plugins.<name>.args | This allows you to pass arguments to the child program
|