| services.jupyter.kernels.<name>.logo32 | Path to 32x32 logo png.
|
| boot.initrd.systemd.contents.<name>.source | Path of the source file.
|
| networking.greTunnels.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| services.jupyter.kernels.<name>.logo64 | Path to 64x64 logo png.
|
| services.nsd.zones.<name>.dnssecPolicy.keyttl | TTL for dnssec records
|
| services.nginx.virtualHosts.<name>.listen.*.ssl | Enable SSL.
|
| services.rke2.manifests.<name>.source | Path of the source .yaml file.
|
| services.rke2.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.type | The resource type
|
| services.hostapd.radios.<name>.band | Specifies the frequency band to use, possible values are 2g for 2.4 GHz,
5g for 5 GHz, 6g for 6 GHz and 60g for 60 GHz.
|
| services.sanoid.datasets.<name>.yearly | Number of yearly snapshots.
|
| services.sympa.settingsFile.<name>.source | Path of the source file.
|
| services.nebula.networks.<name>.enable | Enable or disable this network.
|
| services.sanoid.datasets.<name>.hourly | Number of hourly snapshots.
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| services.dokuwiki.sites.<name>.acl.*.level | Permission level to restrict the actor(s) to
|
| services.bepasty.servers.<name>.workDir | Path to the working directory (used for config and pidfile)
|
| services.spiped.config.<name>.encrypt | Take unencrypted connections from the
source socket and send encrypted
connections to the target socket.
|
| services.spiped.config.<name>.decrypt | Take encrypted connections from the
source socket and send unencrypted
connections to the target socket.
|
| systemd.paths.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| systemd.targets.<name>.requisite | Similar to requires
|
| systemd.sockets.<name>.requisite | Similar to requires
|
| services.prometheus.exporters.fritz.settings.devices.*.name | Name to use for the device.
|
| services.ndppd.proxies.<name>.timeout | Controls how long to wait for a Neighbor Advertisement Message before
invalidating the entry, in milliseconds.
|
| services.quicktun.<name>.remoteFloat | Whether to allow the remote address and port to change when properly encrypted packets are received.
|
| services.rke2.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| users.mysql.pam.logging.hostColumn | The name of the column in the log table to which the name of the user
being authenticated is stored.
|
| users.mysql.pam.logging.userColumn | The name of the column in the log table to which the name of the
user being authenticated is stored.
|
| systemd.user.services.<name>.startAt | Automatically start this unit at the given date/time, which
must be in the format described in
systemd.time(7)
|
| services.fedimintd.<name>.nginx.fqdn | Public domain of the API address of the reverse proxy/tls terminator.
|
| services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| services.redis.servers.<name>.appendFsync | How often to fsync the append-only log, options: no, always, everysec.
|
| services.xserver.displayManager.lightdm.greeters.gtk.cursorTheme.name | Name of the cursor theme to use for the lightdm-gtk-greeter.
|
| services.znapzend.zetup.<name>.destinations.<name>.presend | Command to run before sending the snapshot to the destination
|
| services.znapzend.zetup.<name>.plan | The znapzend backup plan to use for the source
|
| services.dokuwiki.sites.<name>.aclFile | Location of the dokuwiki acl rules
|
| services.httpd.virtualHosts.<name>.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| services.i2pd.inTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| services.firefox-syncserver.database.name | Database to use for storage
|
| services.xserver.xkb.extraLayouts.<name>.keycodesFile | The path to the xkb keycodes file
|
| security.pam.services.<name>.failDelay.delay | The delay time (in microseconds) on failure.
|
| services.drupal.sites.<name>.privateFilesDir | The location of the Drupal private files directory.
|
| services.openvpn.servers.<name>.autoStart | Whether this OpenVPN instance should be started automatically.
|
| security.auditd.plugins.<name>.type | This tells the dispatcher how the plugin wants to be run
|
| services.nsd.zones.<name>.maxRefreshSecs | Limit refresh time for secondary zones
|
| systemd.network.netdevs.<name>.enable | Whether to manage network configuration using systemd-network
|
| services.quicktun.<name>.localAddress | IP address or hostname of the local end.
|
| services.prosody.virtualHosts.<name>.ssl.key | Path to the key file.
|
| systemd.network.netdevs.<name>.extraConfig | Extra configuration append to unit
|
| services.dokuwiki.sites.<name>.package | The dokuwiki package to use.
|
| services.drupal.sites.<name>.database.user | Database user.
|
| containers.<name>.allowedDevices | A list of device nodes to which the containers has access to.
|
| services.znapzend.zetup.<name>.dataset | The dataset to use for this source.
|
| services.httpd.virtualHosts.<name>.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| services.nginx.virtualHosts.<name>.acmeRoot | Directory for the ACME challenge, which is public
|
| systemd.user.timers.<name>.requisite | Similar to requires
|
| systemd.user.slices.<name>.requisite | Similar to requires
|
| services.redis.servers.<name>.user | User account under which this instance of redis-server runs.
If left as the default value this user will automatically be
created on system activation, otherwise you are responsible for
ensuring the user exists before the redis service starts.
|
| services.agate.hostnames | Domain name of this Gemini server, enables checking hostname and port
in requests. (multiple occurrences means basic vhosts)
|
| services.borgbackup.jobs.<name>.appendFailedSuffix | Append a .failed suffix
to the archive name, which is only removed if
borg create has a zero exit status.
|
| networking.wg-quick.interfaces.<name>.listenPort | 16-bit port for listening
|
| security.acme.certs.<name>.renewInterval | Systemd calendar expression when to check for renewal
|
| systemd.user.sockets.<name>.listenStreams | For each item in this list, a ListenStream
option in the [Socket] section will be created.
|
| services.sourcehut.settings."builds.sr.ht::worker".name | Listening address and listening port
of the build runner (with HTTP port if not 80).
|
| services.akkoma.initDb.username | Name of the database user to initialise the database with
|
| security.pam.services.<name>.limits | Attribute set describing resource limits
|
| systemd.user.targets.<name>.startLimitBurst | Configure unit start rate limiting
|
| systemd.user.sockets.<name>.startLimitBurst | Configure unit start rate limiting
|
| systemd.user.services.<name>.scriptArgs | Arguments passed to the main process script
|
| services.fedimintd.<name>.nginx.config.http3 | Whether to enable the HTTP/3 protocol
|
| services.github-runners.<name>.user | User under which to run the service
|
| services.davis.nginx.serverName | Name of this virtual host
|
| services.movim.nginx.serverName | Name of this virtual host
|
| services.slskd.nginx.serverName | Name of this virtual host
|
| services.gerrit.plugins | List of plugins to add to Gerrit
|
| systemd.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.i2pd.outTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| boot.initrd.systemd.contents.<name>.enable | Whether to enable copying of this file and symlinking it.
|
| services.tahoe.nodes.<name>.sftpd.hostPublicKeyFile | Path to the SSH host public key.
|
| services.hostapd.radios.<name>.networks.<name>.dynamicConfigScripts | All of these scripts will be executed in lexicographical order before hostapd
is started, right after the bss segment was generated and may dynamically
append bss options to the generated configuration file
|
| programs.zsh.ohMyZsh.theme | Name of the theme to be used by oh-my-zsh.
|
| containers.<name>.forwardPorts.*.hostPort | Source port of the external interface on host
|
| services.prometheus.exporters.script.settings.scripts.*.name | Name of the script.
|
| services.spiped.config.<name>.timeout | Timeout, in seconds, after which an attempt to connect to
the target or a protocol handshake will be aborted (and the
connection dropped) if not completed
|
| services.redis.servers.<name>.appendOnly | By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.
|
| hardware.sane.brscan4.netDevices.<name>.model | The model of the network device.
|
| services.httpd.virtualHosts.<name>.listen.*.port | Port to listen on
|
| services.drupal.sites.<name>.database.host | Database host address.
|
| services.borgbackup.jobs.<name>.repo | Remote or local repository to back up to.
|
| services.iodine.clients.<name>.extraConfig | Additional command line parameters
|
| services.drupal.sites.<name>.database.port | Database host port.
|
| hardware.sane.brscan5.netDevices.<name>.model | The model of the network device.
|
| services.nginx.virtualHosts.<name>.listen.*.addr | Listen address.
|
| services.hans.clients.<name>.passwordFile | File that contains password
|
| services.nginx.virtualHosts.<name>.default | Makes this vhost the default.
|
| services.bacula-sd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| security.pam.services.<name>.yubicoAuth | If set, users listed in
~/.yubico/authorized_yubikeys
are able to log in with the associated Yubikey tokens.
|
| services.bacula-fd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.xserver.displayManager.lightdm.greeters.enso.cursorTheme.name | Name of the cursor theme to use for the lightdm-enso-os-greeter
|
| services.firewalld.zones.<name>.ports.*.port | |