| services.drupal.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.angrr.settings.owned-only | Only monitors owned symbolic link target of GC roots.
- "auto": behaves like true for normal users, false for root.
- "true": only monitor GC roots owned by the current user.
- "false": monitor all GC roots.
|
| services.davis.mail.inviteFromAddress | Email address to send invitations from.
|
| services.discourse.enableACME | Whether an ACME certificate should be used to secure
connections to the server.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.gitlab.enable | Enable the gitlab service.
|
| services.gocd-agent.environment | Additional environment variables to be passed to the Go
|
| powerManagement.scsiLinkPolicy | SCSI link power management policy
|
| security.dhparams.stateful | Whether generation of Diffie-Hellman parameters should be stateful or
not
|
| services.exim.package | The exim package to use
|
| programs.mepo.locationBackends.geoclue | Whether to enable location detection via geoclue
|
| services.icingaweb2.modules.monitoring.transports.<name>.path | Path to the socket for local or remote transports
|
| console.packages | List of additional packages that provide console fonts, keymaps and
other resources for virtual consoles use.
|
| hardware.facter.detected.dhcp.interfaces | List of network interface names to configure with DHCP
|
| services.dolibarr.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.gitlab.logrotate.frequency | How often to rotate the logs.
|
| services.gollum.group | Specifies the owner group of the wiki directory
|
| services.journald.remote.listen | Which protocol to listen to.
|
| services.libinput.mouse.disableWhileTyping | Disable input method while typing.
|
| services.chhoto-url.settings.disable_frontend | Whether to disable the frontend.
|
| services.influxdb2.package | The influxdb2 package to use.
|
| services.libinput.touchpad.disableWhileTyping | Disable input method while typing.
|
| boot.loader.grub.zfsSupport | Whether GRUB should be built against libzfs.
|
| boot.modprobeConfig.enable | Whether to enable modprobe config
|
| programs.qdmr.enable | Whether to enable QDMR - a GUI application and command line tool for programming DMR radios.
|
| services.gns3-server.ssl.enable | Whether to enable SSL encryption.
|
| services.hardware.pommed.enable | Whether to use the pommed tool to handle Apple laptop
keyboard hotkeys.
|
| services.athens.robotsFile | Provides /robots.txt for net crawlers.
|
| services.clamav.updater.interval | How often freshclam is invoked
|
| services.dependency-track.logLevel | Log level for dependency-track
|
| services.gmediarender.uuid | A UUID for uniquely identifying the endpoint
|
| services.librenms.finalPackage | The final package used by the module
|
| services.grafana.settings.users.hidden_users | This is a comma-separated list of usernames
|
| services.audiobookshelf.group | Group under which Audiobookshelf runs.
|
| services.i2pd.upnp.enable | Whether to enable UPnP service discovery.
|
| services.akkoma.nginx.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification | Whether to skip validation of the server's certificate.
|
| services.anubis.defaultOptions.settings.POLICY_FNAME | The policy file to use
|
| services.beszel.hub.environmentFile | Environment file to be passed to the systemd service
|
| services.crowdsec.group | The group to run crowdsec as
|
| services.davis.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| boot.loader.systemd-boot.sortKey | The sort key used for the NixOS bootloader entries
|
| services.biboumi.settings | See biboumi 9.0
for documentation.
|
| services.displayManager.gdm.autoSuspend | On the GNOME Display Manager login screen, suspend the machine after inactivity.
(Does not affect automatic suspend while logged in, or at lock screen.)
|
| services.fediwall.settings.servers | Servers to load posts from
|
| services.crab-hole.settings.blocklist.allow_list | List of allowlists
|
| services.freeradius.debug | Whether to enable debug logging for freeradius (-xx
option)
|
| services.jellyseerr.package | The jellyseerr package to use.
|
| services.grafana.declarativePlugins | If non-null, then a list of packages containing Grafana plugins to install
|
| networking.nftables.tables.<name>.content | The table content.
|
| services.autossh.sessions.*.extraArguments | Arguments to be passed to AutoSSH and retransmitted to SSH
process
|
| services.agorakit.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.dashy.settings | Settings serialized into user-data/conf.yml before build
|
| services.lavalink.plugins | A list of plugins for lavalink.
|
| boot.loader.limine.additionalFiles | A set of files to be copied to /boot
|
| security.acme.certs.<name>.inheritDefaults | Whether to inherit values set in security.acme.defaults or not.
|
| services.gitea.settings.server.STATIC_ROOT_PATH | Upper level of template and static files path.
|
| services.firewalld.services.<name>.short | Short description for the service.
|
| services.ddclient.configFile | Path to configuration file
|
| services.blockbook-frontend.<name>.configFile | Location of the blockbook configuration file.
|
| services.kmscon.enable | Whether to enable kmscon as the virtual console instead of gettys.
kmscon is a kms/dri-based userspace virtual terminal implementation
|
| powerManagement.powerDownCommands | Commands executed when the machine powers down
|
| hardware.pcmcia.enable | Enable this option to support PCMCIA card.
|
| services.anuko-time-tracker.nginx.listen | Listen addresses and ports for this virtual host
|
| services.asusd.fanCurvesConfig.text | Text of the file.
|
| services.c2fmzq-server.settings | Configuration for c2FmZQ-server passed as CLI arguments
|
| services.firezone.server.settingsSecret.RELEASE_COOKIE | A file containing a unique secret identifier for the Erlang
cluster
|
| networking.getaddrinfo.enable | Enables custom address sorting configuration for getaddrinfo(3) according to RFC 3484
|
| networking.nat.forwardPorts.*.proto | Protocol of forwarded connection
|
| security.pam.services.<name>.gnupg.enable | If enabled, pam_gnupg will attempt to automatically unlock the
user's GPG keys with the login password via
gpg-agent
|
| services.fediwall.nginx.locations | Declarative location config
|
| networking.dhcpcd.extraConfig | Literal string to append to the config file generated for dhcpcd.
|
| programs.bash.vteIntegration | Whether to enable Bash integration for VTE terminals
|
| services.anubis.instances.<name>.group | The group under which Anubis is run
|
| services.freeciv.settings.read | Startup script.
|
| services.drupal.sites.<name>.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| services.fediwall.nginx.listenAddresses | Listen addresses for this virtual host
|
| services.anuko-time-tracker.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.atuin.database.uri | URI to the database
|
| services.botamusique.enable | Whether to enable botamusique, a bot to play audio streams on mumble.
|
| services.epgstation.settings.socketioPort | Socket.io port for EPGStation to listen on
|
| networking.firewall.interfaces.<name>.allowedUDPPorts | List of open UDP ports.
|
| networking.interfaces.<name>.ipv6.routes.*.options | Other route options
|
| programs.sway.extraOptions | Command line arguments passed to launch Sway
|
| services.cockroachdb.http.address | Address to bind to for http-based Admin UI
|
| services.diod.exportopts | Establish a default set of export options
|
| services.firewalld.services.<name>.destination.ipv4 | IPv4 destination.
|
| services.flaresolverr.package | The flaresolverr package to use.
|
| services.blocky.package | The blocky package to use.
|
| hardware.wooting.enable | Whether to enable support for Wooting keyboards.
|
| services.i2pd.proto.http.auth | Whether to enable webconsole authentication.
|
| programs.pay-respects.aiIntegration | Whether to enable pay-respects' LLM integration
|
| services.couchdb.enable | Whether to enable CouchDB Server.
|
| services.fedimintd.<name>.nginx.config.listen.*.ssl | Enable SSL.
|
| services.i2pd.ntcp2.published | Whether to enable NTCP2 publication.
|
| services.infinoted.package | The libinfinity package to use.
|
| services.corosync.nodelist.*.ring_addrs | List of addresses, one for each ring.
|
| services.healthchecks.settings.DB_NAME | Database name.
|
| services.authelia.instances.<name>.settings | Your Authelia config.yml as a Nix attribute set
|
| boot.loader.grub.users | User accounts for GRUB
|