| services.prometheus.exporters.smokeping.telemetryPath | Path under which to expose metrics.
|
| services.syslog-ng.extraModulePaths | A list of paths that should be included in syslog-ng's
--module-path option
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.access_key | Access key to use. https://console.scaleway.com/project/credentials
|
| services.prometheus.exporters.collectd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.collectd.openFirewall is true.
|
| services.nextcloud-spreed-signaling.user | User account under which to run the Spreed signaling server.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.refresh_interval | The time to wait between polling update requests
|
| services.mympd.settings.http_port | The HTTP port where mympd's web interface will be available
|
| services.scollector.bosunHost | Host and port of the bosun server that will store the collected
data.
|
| services.tor.settings.DirCache | See torrc manual.
|
| services.riemann-dash.dataDir | Location of the riemann-base dir
|
| services.nvme-rs.settings.email.smtp_username | SMTP username
|
| services.packagekit.enable | Whether to enable PackageKit, a cross-platform D-Bus abstraction layer for
installing software
|
| services.maddy.group | Group account under which maddy runs.
If left as the default value this group will automatically be created
on system activation, otherwise the sysadmin is responsible for
ensuring the group exists before the maddy service starts.
|
| services.tor.openFirewall | Whether to enable opening of the relay port(s) in the firewall.
|
| services.tor.settings.ExitPolicyRejectPrivate | See torrc manual.
|
| services.shiori.databaseUrl | The connection URL to connect to MySQL or PostgreSQL
|
| services.nvme-rs.settings.email.smtp_server | SMTP server address
|
| services.prometheus.exporters.influxdb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.influxdb.openFirewall
is true
|
| services.netbird.clients | Attribute set of NetBird client daemons, by default each one will:
- be manageable using dedicated tooling:
netbird-<name> script,NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),
- run as a
netbird-<name>.service,
- listen for incoming remote connections on the port
51820 (openFirewall by default),
- manage the
netbird-<name> wireguard interface,
- use the /var/lib/netbird-/config.json configuration file,
- override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
- (
hardened) be locally manageable by netbird-<name> system group,
With following caveats:
- multiple daemons will interfere with each other's DNS resolution of
netbird.cloud, but
should remain fully operational otherwise
|
| services.snapserver.settings | Snapserver configuration
|
| services.tabby.host | Specifies the hostname on which the tabby server HTTP interface listens.
|
| services.mailman.webUser | User to run mailman-web as
|
| services.misskey.reverseProxy.webserver.nginx.http2 | Whether to enable the HTTP/2 protocol
|
| services.nsd.zones.<name>.zoneStats | When set to something distinct to null NSD is able to collect
statistics per zone
|
| services.softether.enable | Whether to enable SoftEther VPN services.
|
| services.opensnitch.settings.Ebpf.ModulesPath | Configure eBPF modules path
|
| services.public-inbox.inboxes.<name>.url | URL where this inbox can be accessed over HTTP.
|
| services.rimgo.enable | Whether to enable rimgo.
|
| services.seatd.enable | Whether to enable seatd.
|
| services.prometheus.exporters.ecoflow.prefix | The prefix that will be added to all metrics
|
| services.peerflix.enable | Whether to enable peerflix service.
|
| services.prometheus.remoteRead.*.basic_auth.password | HTTP password
|
| services.radicale.config | Radicale configuration, this will set the service
configuration file
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.refresh_interval | The time after which the containers are refreshed
|
| services.movim.nginx.sslCertificateKey | Path to server SSL certificate key.
|
| services.matrix-tuwunel.settings.global.allow_federation | Whether this server federates with other servers.
|
| services.nginx.virtualHosts.<name>.listen.*.addr | Listen address.
|
| services.prometheus.exporters.node.enabledCollectors | Collectors to enable
|
| services.subsonic.enable | Whether to enable Subsonic daemon.
|
| services.pgadmin.minimumPasswordLength | Minimum length of the password
|
| services.sharkey.openFirewall | Whether to open ports in the NixOS firewall for Sharkey.
|
| services.logind.settings.Login.KillUserProcesses | Specifies whether the processes of a user should be killed
when the user logs out
|
| services.netbird.clients.<name>.dns-resolver.port | A port to serve DNS entries on when dns-resolver.address is enabled.
|
| services.sabnzbd.settings.misc.enable_https | Whether to enable HTTPS for the web UI
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.api_url | API URL to use when doing the server listing requests
|
| services.prefect.databasePasswordFile | path to a file containing e.g.:
DBPASSWORD=supersecret
stored outside the nix store, read by systemd as EnvironmentFile.
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.oauth2.endpoint_params | Optional parameters to append to the token URL.
|
| services.pdfding.database.passwordFile | File containing POSTGRES_PASSWORD
|
| services.rathole.package | The rathole package to use.
|
| services.mjolnir.pantalaimon.options.listenPort | The port where the daemon will listen to client connections for
this homeserver
|
| services.privoxy.settings | This option is mapped to the main Privoxy configuration file
|
| services.pykms.listenAddress | The IP address on which to listen.
|
| services.prometheus.exporters.lnd.group | Group under which the lnd exporter shall be run.
|
| services.mongodb.enable | Whether to enable the MongoDB server.
|
| services.qui.package | The qui package to use.
|
| services.prometheus.exporters.postgres.group | Group under which the postgres exporter shall be run.
|
| services.stubby.settings | Content of the Stubby configuration file
|
| services.thinkfan.fans.*.query | The query string used to match one or more fans: can be
a fullpath to the temperature file (single fan) or a fullpath
to a driver directory (multiple fans).
When multiple fans match, the query can be restricted using the
name or indices options.
|
| services.mattermost.pluginsBundle | Derivation building to a directory of plugin tarballs
|
| services.octoprint.enable | Whether to enable OctoPrint, web interface for 3D printers.
|
| services.movim.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.porn-vault.openFirewall | Whether to open the Porn-Vault port in the firewall.
|
| services.postgresqlWalReceiver.receivers.<name>.compress | Enables gzip compression of write-ahead logs, and specifies the compression level
(0 through 9, 0 being no compression and 9 being best compression)
|
| services.tor.settings.LongLivedPorts | See torrc manual.
|
| services.prometheus.exporters.knot.group | Group under which the knot exporter shall be run.
|
| services.rstudio-server.rserverExtraConfig | Extra contents for rserver.conf.
|
| services.matrix-conduit.package | The matrix-conduit package to use.
|
| services.prometheus.exporters.frr.listenAddress | Address to listen on.
|
| services.mastodon.database.port | Database host port.
|
| services.mealie.enable | Whether to enable Mealie, a recipe manager and meal planner.
|
| services.roundcube.database.dbname | Name of the postgresql database
|
| services.prosody.modules.dialback | s2s dialback support
|
| services.torrentstream.port | TorrentStream port.
|
| services.lubelogger.group | Group under which LubeLogger runs.
|
| services.prometheus.exporters.exportarr-bazarr.environment | See the configuration guide for available options.
|
| services.nzbget.enable | Whether to enable NZBGet, for downloading files from news servers.
|
| services.scanservjs.settings.host | The IP to listen on.
|
| services.mqtt2influxdb.mqtt.username | Username used to connect to the MQTT server.
|
| services.strfry.settings | Configuration options to set for the Strfry service
|
| services.prometheus.exporters.rspamd.extraFlags | Extra commandline options to pass to the rspamd exporter.
|
| services.slurm.rest.environment.SLURMRESTD_DEBUG | Set debug level explicitly
|
| services.picom.activeOpacity | Opacity of active windows.
|
| services.sympa.database.createLocally | Whether to create a local database automatically.
|
| services.openafsServer.roles.backup.cellServDB | Definition of all cell-local backup database server machines
|
| services.postgrest.pgpassFile | The password to authenticate to PostgreSQL with
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.monica.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.matter-server.package | The python-matter-server package to use.
|
| services.nginx.virtualHosts.<name>.redirectCode | HTTP status used by globalRedirect and forceSSL
|
| services.strongswan-swanctl.swanctl.authorities.<name>.ocsp_uris | List of OCSP URIs
|
| services.moonraker.enable | Whether to enable Moonraker, an API web server for Klipper.
|
| services.prometheus.exporters.ecoflow.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ecoflow.openFirewall
is true
|
| services.paisa.host | Host bind IP address.
|
| services.strongswan-swanctl.swanctl.connections.<name>.dscp | Differentiated Services Field Codepoint to set on outgoing IKE packets for
this connection
|
| services.prometheus.exporters.mqtt.prometheusPrefix | Prefix added to the metric name.
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.refresh_interval | Refresh interval to re-read the instance list
|
| services.prometheus.exporters.exportarr-sonarr.extraFlags | Extra commandline options to pass to the exportarr-sonarr exporter.
|
| services.prometheus.scrapeConfigs.*.gce_sd_configs.*.filter | Filter can be used optionally to filter the instance list by other
criteria Syntax of this filter string is described here in the filter
query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list.
|
| services.schleuder.listDefaults | Default settings for lists (list-defaults.yml)
|
| services.multipath.devices.*.user_friendly_names | If set to "yes", using the bindings file /etc/multipath/bindings
to assign a persistent and unique alias to the multipath, in the
form of mpath
|