| services.gancio.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.akkoma.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.fluidd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.monica.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.matomo.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.prometheus.exporters.mqtt.environmentFile | File to load as environment file
|
| networking.networkmanager.ensureProfiles.secrets.entries | A list of secrets to provide to NetworkManager by reading their values from configured files
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.nice | Niceness.
|
| services.sourcehut.todo.group | Group for todo.sr.ht
|
| services.sourcehut.meta.group | Group for meta.sr.ht
|
| services.cachix-watch-store.cachixTokenFile | Required file that needs to contain the cachix auth token.
|
| services.komodo-periphery.ssl.keyFile | Path to SSL key file.
|
| services.hickory-dns.configFile | Path to an existing toml file to configure hickory-dns with
|
| nix.settings | Configuration for Nix, see
https://nixos.org/manual/nix/stable/command-ref/conf-file.html or
nix.conf(5) for available options
|
| security.acme.certs.<name>.webroot | Where the webroot of the HTTP vhost is located.
.well-known/acme-challenge/ directory
will be created below the webroot if it doesn't exist.
http://example.org/.well-known/acme-challenge/ must also
be available (notice unencrypted HTTP).
|
| services.actual.settings | Server settings, refer to the documentation for available options
|
| networking.ucarp.passwordFile | File containing shared password between CARP hosts.
|
| programs.spacefm.settings | The system-wide spacefm configuration
|
| services.metabase.ssl.keystore | Java KeyStore file containing the certificates.
|
| services.octoprint.extraConfig | Extra options which are added to OctoPrint's YAML configuration file.
|
| services.transfer-sh.secretFile | Path to file containing environment variables
|
| services.prosody.virtualHosts.<name>.ssl.key | Path to the key file.
|
| services.radicale.rights | Configuration for Radicale's rights file
|
| services.peering-manager.secretKeyFile | Path to a file containing the secret key.
|
| services.pinnwand.settings | Your pinnwand.toml as a Nix attribute set
|
| services.postsrsd.settings | Configuration options for the postsrsd.conf file
|
| services.zabbixWeb.database.socket | Path to the unix socket file to use for authentication.
|
| users.extraUsers.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.system76-scheduler.settings.cfsProfiles.default.wakeup-granularity | sched_wakeup_granularity_ns.
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.prio | CPU scheduler priority.
|
| services.prometheus.exporters.blackbox.enableConfigCheck | Whether to run a correctness check for the configuration file
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.ioPrio | IO scheduler priority.
|
| programs.git.config | Configuration to write to /etc/gitconfig
|
| services.cassandra.extraConfig | Extra options to be merged into cassandra.yaml as nix attribute set.
|
| hardware.deviceTree.overlays.*.dtsText | Literal DTS contents, overlay is applied to
each .dtb file matching "compatible" of the overlay.
|
| boot.initrd.systemd.contents.<name>.enable | Whether to enable copying of this file and symlinking it.
|
| services.amule.WebServerPasswordFile | File containing the password for connecting to the web server,
set this only if you didn't set `settings
|
| services.headphones.configFile | Path to config file.
|
| services.davis.database.urlFile | A file containing the database connection url
|
| services.hans.clients.<name>.passwordFile | File that contains password
|
| services.ncps.cache.redis.passwordFile | File containing the redis password for authentication (for Redis ACL).
|
| services.nginx.appendConfig | Configuration lines appended to the generated Nginx
configuration file
|
| services.nipap.nipap-www.xmlrpcURIFile | Path to file containing XMLRPC URI for use by web UI - this is a secret, since it contains auth credentials
|
| services.stubby.settings | Content of the Stubby configuration file
|
| services.outline.storage.uploadMaxSize | Maxmium file size for uploads.
|
| systemd.shutdownRamfs.storePaths.*.enable | Whether to enable copying of this file and symlinking it.
|
| services.webdav-server-rs.settings | Attrset that is converted and passed as config file
|
| users.ldap.bind.policy | Specifies the policy to use for reconnecting to an unavailable
LDAP server
|
| services.uptime.configFile | The uptime configuration file
If mongodb: server != localhost, please set usesRemoteMongo = true
If you only want to run the monitor, please set enableWebService = false
and enableSeparateMonitoringService = true
If autoStartMonitor: false (recommended) and you want to run both
services, please set enableSeparateMonitoringService = true
|
| services.frigate.settings | Frigate configuration as a nix attribute set
|
| services.k3s.images | List of derivations that provide container images
|
| services.prometheus.pushgateway.persistMetrics | Whether to persist metrics to a file
|
| services.paisa.settings.journalFile | Filename of the main journal / ledger file.
|
| services.riemann.configFiles | Extra files containing Riemann configuration
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.class | CPU scheduler class.
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| networking.networkmanager.ensureProfiles.secrets.entries.*.matchIface | interface name of the NetworkManager connection
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.ioClass | IO scheduler class.
|
| services.magnetico.web.credentialsFile | The path to the file holding the credentials to access the web
interface
|
| services.aria2.settings.save-session | Save error/unfinished downloads to FILE on exit.
|
| services.komodo-periphery.ssl.certFile | Path to SSL certificate file.
|
| services.akkoma.initDb.password | Password of the database user to initialise the database with
|
| security.pam.services.<name>.yubicoAuth | If set, users listed in
~/.yubico/authorized_yubikeys
are able to log in with the associated Yubikey tokens.
|
| services.bluemap.webappSettings | Settings for the webapp.conf file, see upstream docs.
|
| fonts.fontconfig.enable | If enabled, a Fontconfig configuration file will be built
pointing to a set of default fonts
|
| services.redis.servers.<name>.requirePassFile | File with password for the database.
|
| services.prosody.virtualHosts.<name>.ssl.cert | Path to the certificate file.
|
| services.sunshine.settings | Settings to be rendered into the configuration file
|
| services.nagios.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.nominatim.ui.config | Nominatim UI configuration placed to theme/config.theme.js file
|
| services.searx.limiterSettings | Limiter settings for SearXNG.
|
| services.moodle.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.lighttpd.extraConfig | These configuration lines will be appended to the generated lighttpd
config file
|
| services.pomerium.secretsFile | Path to file containing secrets for Pomerium, in systemd
EnvironmentFile format
|
| services.redis.servers.<name>.appendOnly | By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.
|
| services.logrotate.configFile | Override the configuration file used by logrotate
|
| services.openafsClient.mountPoint | Mountpoint of the AFS file tree, conventionally
/afs
|
| services.xserver.monitorSection | Contents of the first Monitor section of the X server configuration file.
|
| services.wiki-js.settings | Settings to configure wiki-js
|
| services.vault.storageConfig | HCL configuration to insert in the storageBackend section
|
| services.munin-cron.enable | Enable munin-cron
|
| services.matrix-synapse.settings.app_service_config_files | A list of application service config file to use
|
| services.sourcehut.paste.group | Group for paste.sr.ht
|
| services.peering-manager.enableOidc | Enable OIDC-Authentication for Peering Manager
|
| services.sourcehut.lists.group | Group for lists.sr.ht
|
| services.sourcehut.pages.group | Group for pages.sr.ht
|
| services.buildbot-master.masterCfg | Optionally pass master.cfg path
|
| services.klipper.mutableConfig | Whether to manage the config outside of NixOS
|
| services.cntlm.proxy | A list of NTLM/NTLMv2 authenticating HTTP proxies
|
| services.forgejo.database.socket | Path to the unix socket file to use for authentication.
|
| services.saunafs.master.settings | Contents of config file (sfsmaster.cfg(5)).
|
| services.shibboleth-sp.configFile | Path to shibboleth config file
|
| services.nextcloud.settings | Extra options which should be appended to Nextcloud's config.php file.
|
| services.redmine.database.socket | Path to the unix socket file to use for authentication.
|
| services.swapspace.settings | Config file for swapspace
|
| services.peering-manager.enableLdap | Enable LDAP-Authentication for Peering Manager
|