| services.nextcloud.config.dbhost | Database host (+port) or socket path
|
| services.prometheus.exporters.bitcoin.rpcPasswordFile | File containing RPC password.
|
| services.ngircd.enable | Whether to enable the ngircd IRC server.
|
| services.tarsnap.archives.<name>.excludes | Exclude files and directories matching these patterns.
|
| services.tigerbeetle.addresses | The addresses of all replicas in the cluster
|
| services.prometheus.exporters.postfix.systemd.journalPath | Path to the systemd journal.
|
| services.prosody.modules.vcard | Allow users to set vCards
|
| services.tor.relay.onionServices.<name>.version | See torrc manual.
|
| services.mediatomb.ps3Support | Whether to enable ps3 specific tweaks
|
| services.opensearch.settings."transport.port" | The port to listen on for transport traffic.
|
| services.mysql.configFile | Override the configuration file used by MySQL
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.weight | Indicates the priority over identical Subnets owned by different nodes
|
| services.nextcloud.config.dbname | Database name.
|
| services.prometheus.exporters.influxdb.listenAddress | Address to listen on.
|
| services.oauth2-proxy.cookie.name | The name of the cookie that the oauth_proxy creates.
|
| services.maubot.settings.api_features | API feature switches.
|
| services.plex.enable | Whether to enable Plex Media Server.
|
| services.prometheus.exporters.process.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.process.openFirewall is true.
|
| services.sabnzbd.settings.misc.email_endjob | Whether to send emails on job completion
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.remoteWrite.*.write_relabel_configs.*.source_labels | The source labels select values from existing labels
|
| services.snipe-it.poolConfig | Options for the snipe-it PHP pool
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.open-webui.stateDir | State directory of Open-WebUI.
|
| services.tor.settings.AuthDirPinKeys | See torrc manual.
|
| services.udp-over-tcp.udp2tcp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| services.nullidentdmod.userid | User ID to return
|
| services.onlyoffice.hostname | FQDN for the OnlyOffice instance.
|
| services.openvscode-server.userDataDir | Specifies the directory that user data is kept in
|
| services.tika.port | The Apache Tike port to listen on
|
| services.taler.exchange.enable | Whether to enable the GNU Taler exchange.
|
| services.pgadmin.enable | Whether to enable PostgreSQL Admin 4.
|
| services.sitespeed-io.enable | Whether to enable Sitespeed.io.
|
| services.prometheus.exporters.nvidia-gpu.enable | Whether to enable the prometheus nvidia-gpu exporter.
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceDirGroupReadable | See torrc manual.
|
| services.strongswan-swanctl.swanctl.secrets.ike.<name>.secret | Value of the IKE preshared secret
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.moodle.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| services.llama-cpp.enable | Whether to enable LLaMA C++ server.
|
| services.pretix.settings | pretix configuration as a Nix attribute set
|
| services.syncplay.ready | Check readiness of users.
|
| services.tor.settings.VirtualAddrNetworkIPv6 | See torrc manual.
|
| services.livebook.extraPackages | Extra packages to make available to the Livebook service.
|
| services.munge.enable | Whether to enable munge service.
|
| services.snapserver.settings | Snapserver configuration
|
| services.matrix-alertmanager.port | Port that matrix-alertmanager listens on.
|
| services.pretalx.settings.filesystem.logs | Path to the log directory, that pretalx logs message to.
|
| services.moodle.virtualHost.listen.*.ssl | Whether to enable SSL (https) support.
|
| services.mail.sendmailSetuidWrapper.permissions | The permissions of the wrapper program
|
| services.restic.server.package | The restic-rest-server package to use.
|
| services.mpd.credentials.*.permissions | List of permissions that are granted with this password
|
| services.samba.openFirewall | Whether to enable opening the default ports in the firewall for Samba.
|
| services.prometheus.pushgateway.web.telemetry-path | Path under which to expose metrics.
null will default to /metrics.
|
| services.limesurvey.encryptionKeyFile | 32-byte key used to encrypt variables in the database
|
| services.postgrey.socket | Socket to bind to
|
| services.pyload.credentialsFile | File containing PYLOAD_DEFAULT_USERNAME and
PYLOAD_DEFAULT_PASSWORD in the format of an EnvironmentFile=,
as described by systemd.exec(5)
|
| services.privoxy.settings.enable-edit-actions | Whether the web-based actions file editor may be used.
|
| services.scrutiny.enable | Whether to enable Scrutiny, a web application for drive monitoring.
|
| services.stunnel.user | The user under which stunnel runs.
|
| services.nginx.virtualHosts.<name>.listen.*.port | Port number to listen on
|
| services.lokinet.settings.network.keyfile | The private key to persist address with
|
| services.prometheus.exporters.jitsi.port | Port to listen on.
|
| services.slskd.nginx.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.nullmailer.config.doublebounceto | If the original sender was empty (the original message was a
delivery status or disposition notification), the double bounce
is sent to the address in this attribute.
|
| services.routinator.enable | Whether to enable Routinator 3000.
|
| services.microbin.settings | Additional configuration for MicroBin, see
https://microbin.eu/docs/installation-and-configuration/configuration/
for supported values
|
| services.unclutter-xfixes.threshold | Minimum number of pixels considered cursor movement.
|
| services.pdfding.backup.enable | Automatic backup of important data to a AWS S3 (or compatible) instance
|
| services.synergy.client.screenName | Use the given name instead of the hostname to identify
ourselves to the server.
|
| services.misskey.redis.passwordFile | The path to a file containing the Redis password
|
| services.slurm.partitionName | Name by which the partition may be referenced
|
| services.smokeping.config | Full smokeping config supplied by the user
|
| services.prometheus.exporters.artifactory.openFirewall | Open port in firewall for incoming connections.
|
| services.magnetico.web.extraOptions | Extra command line arguments to pass to magneticow.
|
| services.prometheus.exporters.mikrotik.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mikrotik.openFirewall is true.
|
| services.livekit.ingress.openFirewall.rtmp | Open RTMP port in the firewall.
|
| services.mysql.group | Group account under which MySQL runs.
If left as the default value this group will automatically be created
on system activation, otherwise you are responsible for
ensuring the user exists before the MySQL service starts.
|
| services.prometheus.exporters.restic.environmentFile | File containing the credentials to access the repository, in the
format of an EnvironmentFile as described by systemd.exec(5)
|
| services.unpoller.influxdb.pass | Path of a file containing the password for influxdb
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_port | Local UDP port for IKE communication
|
| services.strongswan-swanctl.swanctl.pools.<name>.nbns | Address or CIDR subnets
StrongSwan default: []
|
| services.pocket-id.settings.APP_URL | The URL where you will access the app.
|
| services.prometheus.exporters.php-fpm.user | User name under which the php-fpm exporter shall be run.
|
| services.speechd.modules | Configuration files of output modules.
|
| services.nullmailer.user | User to use to run nullmailer-send.
|
| services.nullmailer.config.helohost | Sets the environment variable $HELOHOST which is used by the
SMTP protocol module to set the parameter given to the HELO command
|
| services.lvm.boot.thin.enable | Whether to enable support for booting from ThinLVs.
|
| services.rethinkdb.group | Group which rethinkdb user belongs to.
|
| services.mautrix-telegram.environmentFile | File containing environment variables to be passed to the mautrix-telegram service,
in which secret tokens can be specified securely by defining values for e.g.
MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN,
MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN,
MAUTRIX_TELEGRAM_TELEGRAM_API_ID,
MAUTRIX_TELEGRAM_TELEGRAM_API_HASH and optionally
MAUTRIX_TELEGRAM_TELEGRAM_BOT_TOKEN
|
| services.scollector.bosunHost | Host and port of the bosun server that will store the collected
data.
|
| services.trickster.profiler-port | Port that the /debug/pprof endpoint will listen on.
|
| services.mysql.ensureDatabases | Ensures that the specified databases exist
|
| services.quicktun.<name>.privateKey | Local secret key in hexadecimal form.
This option is deprecated
|
| services.tomcat.enable | Whether to enable Apache Tomcat.
|
| services.tt-rss.pubSubHubbub.hub | URL to a PubSubHubbub-compatible hub server
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.basic_auth.password | HTTP password
|
| services.lighthouse.validator | Validator node
|
| services.snipe-it.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.mjolnir.pantalaimon.options.ssl | Whether or not SSL verification should be enabled for outgoing
connections to the homeserver.
|