| services.autorandr.profiles.<name>.hooks.predetect | Predetect hook executed before autorandr attempts to run xrandr.
|
| services.amule.settings | Free form attribute set for aMule settings
|
| services.grafana.settings.database.password | The database user's password (not applicable for sqlite3)
|
| services.netbox.ldapConfigPath | Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py
|
| users.users.<name>.isNormalUser | Indicates whether this is an account for a “real” user
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.paperless.environmentFile | Path to a file containing extra paperless config options in the systemd EnvironmentFile
format
|
| services.pingvin-share.enable | Whether to enable Pingvin Share, a self-hosted file sharing platform.
|
| services.netdata.claimTokenFile | If set, automatically registers the agent using the given claim token
file.
|
| services.syslogd.extraConfig | Additional text appended to syslog.conf,
i.e. the contents of defaultConfig.
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.cfdyndns.apiTokenFile | The path to a file containing the API Token
used to authenticate with CloudFlare.
|
| services.kubo.enable | Whether to enable the Interplanetary File System (WARNING: may cause severe network degradation)
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.grav.systemSettings | Settings written to user/config/system.yaml.
|
| services.pptpd.extraPptpdOptions | Adds extra lines to the pptpd configuration file.
|
| services.xl2tpd.extraXl2tpOptions | Adds extra lines to the xl2tpd configuration file.
|
| services.riemann-dash.dataDir | Location of the riemann-base dir
|
| services.cadvisor.storageDriverPasswordFile | File that contains the cadvisor storage driver password.
storageDriverPasswordFile takes precedence over storageDriverPassword
Warning: when storageDriverPassword is non-empty this defaults to a file in the
world-readable Nix store that contains the value of storageDriverPassword
|
| networking.useHostResolvConf | In containers, whether to use the
resolv.conf supplied by the host.
|
| services.nbd.server.exports.<name>.path | File or block device to export.
|
| programs.i3lock.package | The i3lock package to use. ::: {.note}
The i3lock package must include a i3lock file or link in its out directory in order for the u2fSupport option to work correctly.
:::
|
| services.db-rest.redis.passwordFile | Path to a file containing the redis password.
|
| services.strongswan-swanctl.strongswan.extraConfig | Contents of the strongswan.conf file.
|
| boot.initrd.systemd.contents.<name>.text | Text of the file.
|
| services.ncps.cache.databaseURLFile | File containing the URL of the database.
|
| boot.zfs.requestEncryptionCredentials | If true on import encryption keys or passwords for all encrypted datasets
are requested
|
| services.hostapd.radios.<name>.networks.<name>.macDenyFile | Specifies a file containing the MAC addresses to deny if macAcl is set to "deny" or "radius"
|
| services.filesender.settings.storage_filesystem_path | When using storage type filesystem this is the absolute path to the file system where uploaded files are stored until they expire
|
| services.opengfw.pcapReplay | Path to PCAP replay file
|
| services.znapzend.logLevel | The log level when logging to file
|
| services.logrotate.checkConfig | Whether the config should be checked at build time
|
| services.openafsServer.roles.fileserver.salvagerArgs | Arguments to the dasalvager process
|
| services.devpi-server.secretFile | Path to a shared secret file used for synchronization,
Required for all nodes in a replica/primary setup.
|
| services.sanoid.settings | Free-form settings written directly to the config file
|
| services.stash.passwordFile | Path to file containing password for login.
|
| services.zitadel.masterKeyFile | Path to a file containing a master encryption key for ZITADEL
|
| boot.specialFileSystems.<name>.fsType | Type of the file system
|
| services.hylafax.modems.<name>.name | Name of modem device,
will be searched for in /dev.
|
| networking.extraHosts | Additional verbatim entries to be appended to /etc/hosts
|
| services.opentelemetry-collector.configFile | Specify a path to a configuration file that Opentelemetry Collector should use.
|
| services.tarsnap.archives.<name>.keyfile | Set a specific keyfile for this archive
|
| programs.regreet.settings | ReGreet configuration file
|
| services.postfix.extraMasterConf | Extra lines to append to the generated master.cf file.
|
| services.xl2tpd.extraPppdOptions | Adds extra lines to the pppd options file.
|
| services.consul-template.instances.<name>.settings | Free-form settings written directly to the config.json file
|
| services.mautrix-whatsapp.environmentFile | File containing environment variables to be passed to the mautrix-whatsapp service
|
| services.sshwifty.sharedKeyFile | Path to a file containing the shared key.
|
| services.gitlab.backup.skip | Directories to exclude from the backup
|
| services.lemmy.adminPasswordFile | File which contains the value of setup.admin_password.
|
| environment.pathsToLink | List of directories to be symlinked in /run/current-system/sw.
|
| services.gitea.captcha.secretFile | Path to a file containing the CAPTCHA secret key.
|
| services.snipe-it.mail.passwordFile | A file containing the password corresponding to
mail.user.
|
| services.mastodon.configureNginx | Configure nginx as a reverse proxy for mastodon
|
| services.xserver.windowManager.herbstluftwm.configFile | Path to the herbstluftwm configuration file
|
| services.ntopng.extraConfig | Configuration lines that will be appended to the generated ntopng
configuration file
|
| services.phpfpm.extraConfig | Extra configuration that should be put in the global section of
the PHP-FPM configuration file
|
| services.taler.settings | Global configuration options for the taler config file
|
| boot.initrd.postDeviceCommands | Shell commands to be executed immediately after stage 1 of the
boot has loaded kernel modules and created device nodes in
/dev.
|
| services.hans.server.passwordFile | File that contains password
|
| virtualisation.containerd.configFile | Path to containerd config file
|
| services.kubernetes.kubelet.kubeconfig.caFile | Kubelet certificate authority file used to connect to kube-apiserver.
|
| services.ncdns.dnssec.keys.private | Path to the file containing the KSK private key.
|
| services.prometheus.remoteRead.*.bearer_token_file | Sets the Authorization header on every remote read request with the bearer token
read from the configured file
|
| services.syncplay.statsDBFile | Path to SQLite database file to store stats
|
| services.snapserver.streams.<name>.location | For type pipe or file, the path to the pipe or file
|
| services.cfdyndns.apikeyFile | The path to a file containing the API Key
used to authenticate with CloudFlare.
|
| services.gitea.minioSecretAccessKey | Path to a file containing the Minio secret access key.
|
| services.mjolnir.accessTokenFile | File containing the matrix access token for the mjolnir user.
|
| services.redmine.settings | Redmine configuration (configuration.yml)
|
| services.zitadel.settings | Contents of the runtime configuration file
|
| networking.wireless.secretsFile | File consisting of lines of the form varname=value
to define variables for the wireless configuration
|
| services.hostapd.radios.<name>.networks.<name>.macAllowFile | Specifies a file containing the MAC addresses to allow if macAcl is set to "allow" or "radius"
|
| services.slskd.settings.retention.files.incomplete | Lifespan of incomplete downloading files in minutes.
|
| boot.loader.grub.users | User accounts for GRUB
|
| services.nezha-agent.clientSecretFile | Path to the file contained the client_secret of the dashboard.
|
| services.openntpd.extraConfig | Additional text appended to openntpd.conf.
|
| services.kubernetes.kubelet.kubeconfig.keyFile | Kubelet client key file used to connect to kube-apiserver.
|
| services.sympa.settingsFile.<name>.text | Text of the file.
|
| services.coturn.realm | The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
and the userdb file)
|
| services.taler.includes | Files to include into the config file using Taler's @inline@ directive
|
| services.asusd.userLedModesConfig.source | Path of the source file.
|
| services.asusd.fanCurvesConfig.source | Path of the source file.
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.exporters.snmp.enableConfigCheck | Whether to run a correctness check for the configuration file
|
| boot.initrd.network.openvpn.configuration | The configuration file for OpenVPN.
Unless your bootloader supports initrd secrets, this configuration
is stored insecurely in the global Nix store.
|
| services.redsocks.chroot | Chroot under which to run redsocks
|
| services.gnunet.extraOptions | Additional options that will be copied verbatim in gnunet.conf
|
| services.syncplay.roomsDBFile | Path to SQLite database file to store room states
|
| services.prometheus.exporters.nextcloud.tokenFile | File containing the token for connecting to Nextcloud
|
| services.prometheus.remoteWrite.*.bearer_token_file | Sets the Authorization header on every remote write request with the bearer token
read from the configured file
|
| fonts.fontDir.decompressFonts | Whether to decompress fonts in
/run/current-system/sw/share/X11/fonts.
|
| security.pam.services.<name>.otpwAuth | If set, the OTPW system will be used (if
~/.otpw exists).
|
| services.athens.storage.s3.token | Token for the S3 storage backend
|
| services.printing.cups-pdf.instances.<name>.installPrinter | Whether to enable a CUPS printer queue for this instance
|