| security.pam.services.<name>.howdy.control | This option sets the PAM "control" used for this module.
|
| services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| security.auditd.plugins.<name>.path | This is the absolute path to the plugin executable.
|
| services.httpd.virtualHosts.<name>.http2 | Whether to enable HTTP 2
|
| users.mysql.pam.userColumn | The name of the column that contains a unix login name.
|
| services.nginx.virtualHosts.<name>.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.dokuwiki.sites.<name>.poolConfig | Options for the DokuWiki PHP pool
|
| services.nntp-proxy.users.<name>.passwordHash | SHA-512 password hash (can be generated by
mkpasswd -m sha-512 <password>)
|
| services.redis.servers.<name>.slowLogLogSlowerThan | Log queries whose execution take longer than X in milliseconds.
|
| systemd.services.<name>.serviceConfig | Each attribute in this set specifies an option in the
[Service] section of the unit
|
| services.github-runners.<name>.url | Repository to add the runner to
|
| services.firezone.server.provision.accounts.<name>.groups.<name>.forceMembers | Ensure that only the given members are part of this group at every server start.
|
| fileSystems.<name>.autoFormat | If the device does not currently contain a filesystem (as
determined by blkid), then automatically
format it with the filesystem type specified in
fsType
|
| services.grafana.provision.alerting.rules.settings.groups.*.name | Name of the rule group
|
| networking.fooOverUDP.<name>.local.dev | Network device to bind to.
|
| services.keepalived.vrrpInstances.<name>.vmacInterface | Name of the vmac interface to use. keepalived will come up with a name
if you don't specify one.
|
| users.extraUsers.<name>.expires | Set the date on which the user's account will no longer be
accessible
|
| systemd.user.sockets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.user.targets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.rspamd.workers.<name>.includes | List of files to include in configuration
|
| services.tarsnap.archives.<name>.nodump | Exclude files with the nodump flag.
|
| services.syncoid.commands.<name>.extraArgs | Extra syncoid arguments for this command.
|
| services.mailpit.instances.<name>.smtp | SMTP bind interface and port.
|
| services.wstunnel.servers.<name>.enable | Whether to enable this wstunnel instance.
|
| services.wstunnel.clients.<name>.enable | Whether to enable this wstunnel instance.
|
| services.xserver.displayManager.lightdm.greeters.gtk.cursorTheme.name | Name of the cursor theme to use for the lightdm-gtk-greeter.
|
| security.pam.services.<name>.requireWheel | Whether to permit root access only to members of group wheel.
|
| services.geoclue2.appConfig.<name>.users | List of UIDs of all users for which this application is allowed location
info access, Defaults to an empty string to allow it for all users.
|
| services.nginx.proxyCachePath.<name>.useTempPath | Nginx first writes files that are destined for the cache to a temporary
storage area, and the use_temp_path=off directive instructs Nginx to
write them to the same directories where they will be cached
|
| environment.etc.<name>.uid | UID of created file
|
| environment.etc.<name>.gid | GID of created file
|
| services.neo4j.ssl.policies.<name>.trustAll | Makes this policy trust all remote parties
|
| services.vault-agent.instances.<name>.group | Group under which this instance runs.
|
| services.github-runners.<name>.workDir | Working directory, available as $GITHUB_WORKSPACE during workflow runs
and used as a default for repository checkouts
|
| services.davis.nginx.locations.<name>.index | Adds index directive.
|
| services.davis.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.movim.nginx.locations.<name>.index | Adds index directive.
|
| services.slskd.nginx.locations.<name>.index | Adds index directive.
|
| services.movim.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.slskd.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.znc.confOptions.networks.<name>.useSSL | Whether to use SSL to connect to the IRC server.
|
| security.acme.certs.<name>.extraLegoRunFlags | Additional flags to pass to lego run.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.kmonad.keyboards.<name>.config | Keyboard configuration.
|
| services.opkssh.providers.<name>.issuer | Issuer URI
|
| security.wrappers.<name>.enable | Whether to enable the wrapper.
|
| services.nsd.zones.<name>.children | Children zones inherit all options of their parents
|
| services.restic.backups.<name>.extraBackupArgs | Extra arguments passed to restic backup.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| services.restic.backups.<name>.pruneOpts | A list of options (--keep-* et al.) for 'restic forget
--prune', to automatically prune old snapshots
|
| services.borgbackup.jobs.<name>.appendFailedSuffix | Append a .failed suffix
to the archive name, which is only removed if
borg create has a zero exit status.
|
| services.wordpress.sites.<name>.fontsDir | This directory is used to download fonts from a remote location, e.g.
to host google fonts locally.
|
| systemd.paths.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.drupal.sites.<name>.virtualHost.adminAddr | E-mail address of the server administrator.
|
| systemd.slices.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| systemd.timers.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.znapzend.zetup.<name>.destinations.<name>.postsend | Command to run after sending the snapshot to the destination
|
| security.pam.services.<name>.sssdStrictAccess | enforce sssd access control
|
| services.tinc.networks.<name>.rsaPrivateKeyFile | Path of the private RSA keyfile.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| services.borgbackup.jobs.<name>.paths | Path(s) to back up
|
| services.nylon.<name>.acceptInterface | Tell nylon which interface to listen for client requests on, default is "lo".
|
| systemd.services.<name>.requisite | Similar to requires
|
| services.icecast.hostname | DNS name or IP address that will be used for the stream directory lookups or possibly the playlist generation if a Host header is not provided.
|
| security.pam.services.<name>.ttyAudit.openOnly | Set the TTY audit flag when opening the session,
but do not restore it when closing the session
|
| systemd.user.paths.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.sanoid.templates.<name>.hourly | Number of hourly snapshots.
|
| services.sanoid.templates.<name>.yearly | Number of yearly snapshots.
|
| services.restic.backups.<name>.command | Command to pass to --stdin-from-command
|
| services.autorandr.hooks.preswitch | Preswitch hook executed before mode switch.
|
| services.geth.<name>.authrpc.jwtsecret | Path to a JWT secret for authenticated RPC endpoint.
|
| services.geth.<name>.websocket.address | Listen address of Go Ethereum WebSocket API.
|
| services.borgbackup.jobs.<name>.postInit | Shell commands to run after borg init.
|
| services.wstunnel.servers.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.wstunnel.clients.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| security.pam.services.<name>.forwardXAuth | Whether X authentication keys should be passed from the
calling user to the target user (e.g. for
su)
|
| services.borgbackup.jobs.<name>.user | The user borg is run as
|
| services.nginx.virtualHosts.<name>.listen.*.port | Port number to listen on
|
| services.sympa.domains.<name>.settings | The robot.conf configuration file as key value set
|
| services.home-assistant.config.homeassistant.name | Name of the location where Home Assistant is running.
|
| power.ups.upsmon.monitor.<name>.powerValue | Number of power supplies that the UPS feeds on this system
|
| services.h2o.hosts.<name>.tls.redirectCode | HTTP status used by globalRedirect & forceSSL
|
| services.gancio.nginx.locations.<name>.root | Root directory for requests.
|
| services.fedimintd.<name>.bitcoin.rpc.kind | Kind of a bitcoin node.
|
| services.akkoma.nginx.locations.<name>.root | Root directory for requests.
|
| services.fluidd.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.index | Adds index directive.
|
| services.matomo.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.monica.nginx.locations.<name>.root | Root directory for requests.
|
| services.neo4j.ssl.policies.<name>.ciphers | Restrict the allowed ciphers of this policy to those defined
here
|
| services.prometheus.exporters.fritz.settings.devices.*.name | Name to use for the device.
|
| services.xserver.displayManager.lightdm.greeters.enso.cursorTheme.name | Name of the cursor theme to use for the lightdm-enso-os-greeter
|
| security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| services.drupal.sites.<name>.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| security.wrappers.<name>.source | The absolute path to the program to be wrapped.
|
| services.firewalld.zones.<name>.version | Version of the zone.
|