| boot.initrd.extraFiles.<name>.source | The object to make available inside the initrd.
|
| systemd.user.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.user.paths.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.borgbackup.jobs.<name>.postPrune | Shell commands to run after borg prune.
|
| services.nebula.networks.<name>.tun.disable | When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root).
|
| services.vmalert.instances.<name>.settings.rule | Path to the files with alerting and/or recording rules.
|
| services.homebridge.settings.accessories.*.name | Name of the accessory
|
| services.gitlab-runner.services.<name>.dockerImage | Docker image to be used.
|
| services.rke2.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| services.mailpit.instances.<name>.max | Maximum number of emails to keep
|
| services.pingvin-share.hostname | The domain name of your instance
|
| services.fluidd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.gancio.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.akkoma.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.matomo.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.monica.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| systemd.user.slices.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.timers.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.github-runners.<name>.extraLabels | Extra labels in addition to the default (unless disabled through the noDefaultLabels option)
|
| services.wstunnel.servers.<name>.package | The wstunnel package to use.
|
| services.wstunnel.clients.<name>.package | The wstunnel package to use.
|
| users.extraUsers.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| services.snipe-it.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.orangefs.server.fileSystems.<name>.id | File system ID (must be unique within configuration).
|
| services.tinc.networks.<name>.listenAddress | The ip address to listen on for incoming connections.
|
| services.tarsnap.archives.<name>.maxbwRateDown | Download bandwidth rate limit in bytes.
|
| services.inadyn.settings.custom.<name>.ddns-path | DDNS server path
|
| services.fedimintd.<name>.nginx.path_ws | Path to host the API on and forward to the daemon's api port
|
| services.postfix.masterConfig.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|
| services.syncoid.commands.<name>.target | Target ZFS dataset
|
| services.xserver.displayManager.lightdm.greeters.slick.cursorTheme.name | Name of the cursor theme to use for the lightdm-slick-greeter.
|
| containers.<name>.bindMounts.<name>.hostPath | Location of the host path to be mounted.
|
| security.pam.services.<name>.kwallet.package | The kwallet-pam package to use.
|
| services.sabnzbd.settings.servers.<name>.ssl | Whether the server supports TLS
|
| services.znapzend.zetup.<name>.mbuffer.enable | Whether to use mbuffer.
|
| services.tinc.networks.<name>.chroot | Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security
|
| services.borgbackup.jobs.<name>.appendFailedSuffix | Append a .failed suffix
to the archive name, which is only removed if
borg create has a zero exit status.
|
| services.drupal.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.neo4j.ssl.policies.<name>.tlsVersions | Restrict the TLS protocol versions of this policy to those
defined here.
|
| services.wyoming.piper.servers.<name>.speaker | ID of a specific speaker in a multi-speaker model.
|
| services.firewalld.zones.<name>.sourcePorts | Source ports to allow in the zone.
|
| services.firewalld.zones.<name>.sources.*.mac | A MAC address.
|
| services.nginx.virtualHosts.<name>.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.fedimintd.<name>.nginx.config.quic | Whether to enable the QUIC transport protocol
|
| services.ytdl-sub.instances.<name>.readWritePaths | List of paths that ytdl-sub can write to.
|
| services.nextcloud.config.dbname | Database name.
|
| services.dokuwiki.sites.<name>.extraConfigs | Path(s) to additional configuration files that are then linked to the 'conf' directory.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| services.fedimintd.<name>.nginx.path_ui | Path to host the built-in UI on and forward to the daemon's api port
|
| services.borgbackup.jobs.<name>.extraArgs | Additional arguments for all borg calls the
service has
|
| services.bepasty.servers.<name>.secretKey | server secret for safe session cookies, must be set
|
| services.snapper.configs.<name>.ALLOW_GROUPS | List of groups allowed to operate with the config
|
| services.rspamd.overrides.<name>.enable | Whether this file overrides should be generated
|
| services.wstunnel.servers.<name>.listen | Address and port to listen on
|
| services.openssh.knownHosts.<name>.extraHostNames | A list of additional host names and/or IP numbers used for
accessing the host's ssh service
|
| services.wstunnel.servers.<name>.useACMEHost | Use a certificate generated by the NixOS ACME module for the given host
|
| image.repart.partitions.<name>.contents.<name>.source | Path of the source file.
|
| systemd.services.<name>.restartIfChanged | Whether the service should be restarted during a NixOS
configuration switch if its definition has changed.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.cgit.<name>.gitHttpBackend.enable | Whether to bypass cgit and use git-http-backend for HTTP clones
|
| services.wyoming.piper.servers.<name>.lengthScale | Phoneme length value.
|
| services.drupal.sites.<name>.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.davis.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.davis.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.slskd.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.movim.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.movim.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.slskd.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| systemd.user.units.<name>.aliases | Aliases of that unit.
|
| systemd.user.paths.<name>.aliases | Aliases of that unit.
|
| services.anubis.instances.<name>.extraFlags | A list of extra flags to be passed to Anubis.
|
| services.syncoid.commands.<name>.service | Systemd configuration specific to this syncoid service.
|
| services.nginx.upstreams.<name>.extraConfig | These lines go to the end of the upstream verbatim.
|
| services.tarsnap.archives.<name>.verbose | Whether to produce verbose logging output.
|
| services.vault-agent.instances.<name>.enable | Whether to enable this vault-agent instance.
|
| systemd.slices.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.timers.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| users.users.<name>.packages | The set of packages that should be made available to the user
|
| systemd.services.<name>.stopIfChanged | If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one
|
| power.ups.upsmon.monitor.<name>.user | Username from upsd.users for accessing this UPS
|
| services.kanata.keyboards.<name>.config | Configuration other than defcfg
|
| services.wordpress.sites.<name>.poolConfig | Options for the WordPress PHP pool
|
| services.prometheus.exporters.fritz.settings.devices.*.name | Name to use for the device.
|
| services.sabnzbd.settings.servers.<name>.host | Hostname of the server
|
| services.sabnzbd.settings.servers.<name>.port | Port of the server
|
| services.gitlab-runner.services.<name>.description | Name/description of the runner.
|
| hardware.printers.ensurePrinters.*.name | Name of the printer / printer queue
|
| services.znapzend.zetup.<name>.destinations.<name>.postsend | Command to run after sending the snapshot to the destination
|
| services.httpd.virtualHosts.<name>.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.nginx.virtualHosts.<name>.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.znc.confOptions.networks.<name>.extraConf | Extra config for the network
|
| services.blockbook-frontend.<name>.rpc.url | URL for JSON-RPC connections.
|
| services.jupyterhub.kernels.<name>.env | Environment variables to set for the kernel.
|
| services.prosody.virtualHosts.<name>.enabled | Whether to enable the virtual host
|
| services.sanoid.datasets.<name>.autosnap | Whether to automatically take snapshots.
|
| services.wstunnel.clients.<name>.connectTo | Server address and port to connect to.
|
| systemd.services.<name>.enableDefaultPath | Whether to append a minimal default PATH environment variable to the service, containing common system utilities.
|
| services.postfix.settings.master.<name>.args | Arguments to pass to the command
|