| services.borgbackup.jobs.<name>.repo | Remote or local repository to back up to.
|
| services.iodine.clients.<name>.extraConfig | Additional command line parameters
|
| hardware.sane.brscan5.netDevices.<name>.model | The model of the network device.
|
| services.nginx.virtualHosts.<name>.listen.*.addr | Listen address.
|
| services.rss2email.feeds.<name>.to | Email address to which to send feed items
|
| services.home-assistant.config.homeassistant.name | Name of the location where Home Assistant is running.
|
| services.hans.clients.<name>.passwordFile | File that contains password
|
| services.nginx.virtualHosts.<name>.default | Makes this vhost the default.
|
| services.udp-over-tcp.tcp2udp.<name>.threads | Sets the number of worker threads to use
|
| services.httpd.virtualHosts.<name>.listen.*.ssl | Whether to enable SSL (https) support.
|
| services.restic.backups.<name>.exclude | Patterns to exclude when backing up
|
| systemd.user.sockets.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| systemd.user.targets.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.firefox-syncserver.database.name | Database to use for storage
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| security.acme.certs.<name>.dnsResolver | Set the resolver to use for performing recursive DNS queries
|
| systemd.network.links.<name>.matchConfig | Each attribute in this set specifies an option in the
[Match] section of the unit
|
| services.fedimintd.<name>.package | The fedimint package to use.
|
| boot.initrd.luks.devices.<name>.yubikey.saltLength | Length of the new salt in byte (64 is the effective maximum).
|
| services.wyoming.piper.servers.<name>.piper | The piper-tts package to use.
|
| services.neo4j.ssl.policies.<name>.clientAuth | The client authentication stance for this policy.
|
| services.firewalld.zones.<name>.ports.*.port | |
| services.tahoe.nodes.<name>.sftpd.accounts.file | Path to the accounts file.
|
| services.geth.<name>.websocket.enable | Whether to enable Go Ethereum WebSocket API.
|
| services.udp-over-tcp.tcp2udp.<name>.recvTimeout | An application timeout on receiving data from the TCP socket.
|
| services.nebula.networks.<name>.relays | List of IPs of relays that this node should allow traffic from.
|
| services.udp-over-tcp.udp2tcp.<name>.recvTimeout | An application timeout on receiving data from the TCP socket.
|
| services.agate.hostnames | Domain name of this Gemini server, enables checking hostname and port
in requests. (multiple occurrences means basic vhosts)
|
| systemd.paths.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| systemd.targets.<name>.requisite | Similar to requires
|
| systemd.sockets.<name>.requisite | Similar to requires
|
| containers.<name>.config | A specification of the desired configuration of this
container, as a NixOS module.
|
| containers.<name>.autoStart | Whether the container is automatically started at boot-time.
|
| services.xserver.displayManager.lightdm.greeters.slick.cursorTheme.name | Name of the cursor theme to use for the lightdm-slick-greeter.
|
| services.github-runners.<name>.user | User under which to run the service
|
| services.buildkite-agents.<name>.dataDir | The workdir for the agent
|
| services.netbird.clients.<name>.ui.enable | Controls presence of netbird-ui wrapper for this NetBird client.
|
| services.netbird.tunnels.<name>.ui.enable | Controls presence of netbird-ui wrapper for this NetBird client.
|
| services.davis.nginx.locations.<name>.root | Root directory for requests.
|
| services.movim.nginx.locations.<name>.root | Root directory for requests.
|
| services.slskd.nginx.locations.<name>.root | Root directory for requests.
|
| services.httpd.virtualHosts.<name>.sslServerKey | Path to server SSL certificate key.
|
| boot.specialFileSystems.<name>.stratis.poolUuid | UUID of the stratis pool that the fs is located in
This is only relevant if you are using stratis.
|
| services.nsd.zones.<name>.allowAXFRFallback | If NSD as secondary server should be allowed to AXFR if the primary
server does not allow IXFR.
|
| services.quicktun.<name>.remoteFloat | Whether to allow the remote address and port to change when properly encrypted packets are received.
|
| systemd.user.targets.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| systemd.user.sockets.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| services.wyoming.piper.servers.<name>.useCUDA | Whether to accelerate the underlying onnxruntime library with CUDA.
|
| services.znapzend.zetup.<name>.destinations.<name>.presend | Command to run before sending the snapshot to the destination
|
| networking.greTunnels.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| services.rke2.manifests.<name>.source | Path of the source .yaml file.
|
| services.rke2.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.znapzend.zetup.<name>.sendDelay | Specify delay (in seconds) before sending snaps to the destination
|
| services.errbot.instances.<name>.dataDir | Data directory for errbot instance.
|
| services.frp.instances.<name>.role | The frp consists of client and server
|
| services.snapper.configs.<name>.FSTYPE | Filesystem type
|
| services.tahoe.nodes.<name>.tub.location | The external location that the node should listen on
|
| services.inadyn.settings.custom.<name>.ssl | Whether to use HTTPS for this DDNS provider.
|
| services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| boot.initrd.luks.devices.<name>.yubikey.gracePeriod | Time in seconds to wait for the YubiKey.
|
| services.dokuwiki.sites.<name>.phpPackage | The php package to use.
|
| services.redis.servers.<name>.requirePassFile | File with password for the database.
|
| services.sanoid.templates.<name>.daily | Number of daily snapshots.
|
| services.vault-agent.instances.<name>.user | User under which this instance runs.
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.containerPort | Target port of container
|
| services.hostapd.radios.<name>.networks.<name>.dynamicConfigScripts | All of these scripts will be executed in lexicographical order before hostapd
is started, right after the bss segment was generated and may dynamically
append bss options to the generated configuration file
|
| services.netbird.tunnels.<name>.dir.state | A state directory used by NetBird client to store config.json, state.json & resolv.conf.
|
| services.netbird.clients.<name>.dir.state | A state directory used by NetBird client to store config.json, state.json & resolv.conf.
|
| services.firezone.server.provision.accounts.<name>.groups.<name>.forceMembers | Ensure that only the given members are part of this group at every server start.
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.rollPeriod | How frequently to change keys
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.rollPeriod | How frequently to change keys
|
| systemd.services.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| security.pam.services.<name>.u2fAuth | If set, users listed in
$XDG_CONFIG_HOME/Yubico/u2f_keys (or
$HOME/.config/Yubico/u2f_keys if XDG variable is
not set) are able to log in with the associated U2F key
|
| services.wstunnel.clients.<name>.tlsSNI | Use this as the SNI while connecting via TLS
|
| systemd.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| boot.loader.systemd-boot.windows.<name>.sortKey | systemd-boot orders the menu entries by their sort keys,
so if you want something to appear after all the NixOS entries,
it should start with o or onwards
|
| services.prometheus.exporters.script.settings.scripts.*.name | Name of the script.
|
| services.snipe-it.nginx.locations.<name>.root | Root directory for requests.
|
| services.nebula.networks.<name>.listen.host | IP address to listen on.
|
| services.nebula.networks.<name>.listen.port | Port number to listen on.
|
| services.znc.confOptions.networks.<name>.port | IRC server port.
|
| services.jupyter.kernels.<name>.extraPaths | Extra paths to link in kernel directory
|
| services.ytdl-sub.instances.<name>.enable | Whether to enable ytdl-sub instance.
|
| networking.interfaces.<name>.virtualType | The type of interface to create
|
| services.fedimintd.<name>.dataDir | Path to the data dir fedimintd will use to store its data
|
| containers.<name>.path | As an alternative to specifying
config, you can specify the path to
the evaluated NixOS system configuration, typically a
symlink to a system profile.
|
| services.nginx.virtualHosts.<name>.kTLS | Whether to enable kTLS support
|
| services.tahoe.nodes.<name>.client.shares.needed | The number of shares required to reconstitute a file.
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.address | The subnet of this host
|
| services.nginx.virtualHosts.<name>.basicAuth | Basic Auth protection for a vhost
|
| systemd.network.netdevs.<name>.xfrmConfig | Each attribute in this set specifies an option in the
[Xfrm] section of the unit
|
| systemd.network.netdevs.<name>.peerConfig | Each attribute in this set specifies an option in the
[Peer] section of the unit
|
| systemd.network.netdevs.<name>.l2tpConfig | Each attribute in this set specifies an option in the
[L2TP] section of the unit
|
| systemd.network.netdevs.<name>.vlanConfig | Each attribute in this set specifies an option in the
[VLAN] section of the unit
|
| systemd.network.netdevs.<name>.wlanConfig | Each attribute in this set specifies an option in the [WLAN] section of the unit
|
| systemd.network.netdevs.<name>.bondConfig | Each attribute in this set specifies an option in the
[Bond] section of the unit
|
| image.repart.partitions.<name>.storePaths | The store paths to include in the partition.
|
| services.fedimintd.<name>.nginx.enable | Whether to configure nginx for fedimintd
|
| services.httpd.virtualHosts.<name>.sslServerCert | Path to server SSL certificate.
|
| services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|