| services.rsyslogd.extraConfig | Additional text appended to syslog.conf,
i.e. the contents of defaultConfig.
|
| services.rspamd.overrides | Overridden configuration files, written into /etc/rspamd/override.d/{name}.
|
| services.wakapi.smtpPasswordFile | The path to a file containing the password for the smtp mailer used by Wakapi.
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.bluemap.coreSettings | Settings for the core.conf file, see upstream docs.
|
| services.paisa.settings | Paisa configuration
|
| hardware.tuxedo-drivers.settings.charging-profile | The maximum charge level to help reduce battery wear:
high_capacity charges to 100% (driver default)balanced charges to 90%stationary charges to 80% (maximum lifespan)
Note: Regardless of the configured charging profile, the operating system will always report the battery as being charged to 100%.
|
| services.angrr.settings.profile-policies.<name>.keep-current-system | Whether to keep the current system generation
|
| services.gitea.mailerPasswordFile | Path to a file containing the SMTP password.
|
| services.froide-govplan.secretKeyFile | Path to a file containing the secret key.
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.apache-kafka.settings."log.dirs" | Log file directories.
|
| security.auditd.plugins.<name>.args | This allows you to pass arguments to the child program
|
| services.mediawiki.skins | Attribute set of paths whose content is copied to the skins
subdirectory of the MediaWiki installation in addition to the default skins.
|
| services.grafana.settings.security.secret_key | Secret key used for signing
|
| services.cloudflared.tunnels.<name>.credentialsFile | Credential file
|
| services.system76-scheduler.settings.cfsProfiles.enable | Tweak CFS latency parameters when going on/off battery
|
| services.sourcehut.man.group | Group for man.sr.ht
|
| services.sourcehut.git.group | Group for git.sr.ht
|
| services.sourcehut.hub.group | Group for hub.sr.ht
|
| services.forgejo.settings | Free-form settings written directly to the app.ini configfile file
|
| programs.schroot.profiles.<name>.nssdatabases | System databases (as described in /etc/nsswitch.conf on GNU/Linux systems) to copy into the chroot from the host.
|
| services.lldap.settings.ldap_user_pass_file | Path to a file containing the default admin password
|
| services.slurm.server.enable | Whether to enable the slurm control daemon
|
| programs.rust-motd.enableMotdInSSHD | Whether to let openssh print the
result when entering a new ssh-session
|
| services.sing-box.settings | The sing-box configuration, see https://sing-box.sagernet.org/configuration/ for documentation
|
| boot.kernelModules | The set of kernel modules to be loaded in the second stage of
the boot process
|
| services.diod.squashuser | Change the squash user
|
| services.transmission.credentialsFile | Path to a JSON file to be merged with the settings
|
| services.activemq.configurationURI | The URI that is passed along to the BrokerFactory to
set up the configuration of the ActiveMQ broker service
|
| services.traccar.settingsFile | File used as configuration for traccar
|
| users.extraUsers.<name>.isNormalUser | Indicates whether this is an account for a “real” user
|
| services.nfs.server.createMountPoints | Whether to create the mount points in the exports file at startup time.
|
| services.mongodb.initialScript | A file containing MongoDB statements to execute on first startup.
|
| services.gerrit.builtinPlugins | List of builtins plugins to install
|
| services.xserver.moduleSection | Contents of the Module section of the X server configuration file.
|
| services.ergochat.settings | Ergo IRC daemon configuration file.
https://raw.githubusercontent.com/ergochat/ergo/master/default.yaml
|
| services.oauth2-proxy.clientSecretFile | The path to a file containing the OAuth Client Secret.
|
| services.saunafs.master.exports | Paths to exports file (see sfsexports.cfg(5)).
|
| services.wiki-js.settings.offline | Disable latest file updates and enable
sideloading.
|
| system.nssDatabases.passwd | List of passwd entries to configure in /etc/nsswitch.conf
|
| services.rethinkdb.pidpath | Location where each instance's pid file is located.
|
| services.wiki-js.stateDirectoryName | Name of the directory in /var/lib.
|
| services.moodle.database.socket | Path to the unix socket file to use for authentication.
|
| services.toxBootstrapd.keysFile | Node key file.
|
| services.nextcloud.settings."profile.enabled" | Makes user-profiles globally available under nextcloud.tld/u/user.name
|
| services.neo4j.ssl.policies.<name>.publicCertificate | The name of public X.509 certificate (chain) file in PEM format
for this policy to be found in the baseDirectory,
or the absolute path to the certificate file
|
| services.livekit.settings | LiveKit configuration file expressed in nix
|
| services.athens.storage.s3.secret | Secret key for the S3 storage backend
|
| services.hebbot.botPasswordFile | A path to the password file for your bot
|
| services.postfix.extraAliases | Additional entries to put verbatim into aliases file, cf. man-page aliases(8).
|
| services.podgrab.passwordFile | The path to a file containing the PASSWORD environment variable
definition for Podgrab's authentication.
|
| security.pam.services.<name>.updateWtmp | Whether to update /var/log/wtmp.
|
| services.xserver.screenSection | Contents of the first Screen section of the X server configuration file.
|
| services.xserver.deviceSection | Contents of the first Device section of the X server configuration file.
|
| networking.dhcpcd.extraConfig | Literal string to append to the config file generated for dhcpcd.
|
| programs.starship.settings | Configuration included in starship.toml
|
| services.llama-cpp.modelsPreset | Models preset configuration as a Nix attribute set
|
| services.gancio.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.akkoma.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.fluidd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.monica.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.matomo.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.oauth2-proxy.cookie.secretFile | The path to a file containing the seed string for secure cookies.
|
| services.bitlbee.extraDefaults | Will be inserted in the Default section of the config file.
|
| services.bitlbee.extraSettings | Will be inserted in the Settings section of the config file.
|
| services.postfix.extraHeaderChecks | Extra lines to /etc/postfix/header_checks file.
|
| services.oncall.settings | Extra configuration options to append or override
|
| boot.initrd.systemd.contents.<name>.source | Path of the source file.
|
| services.outline.smtp.passwordFile | File path containing the password to authenticate with.
|
| services.iodine.server.passwordFile | File that contains password
|
| services.ncps.cache.redis.passwordFile | File containing the redis password for authentication (for Redis ACL).
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| system.nssDatabases.sudoers | List of sudoers entries to configure in /etc/nsswitch.conf
|
| services.autorandr.profiles.<name>.fingerprint | Output name to EDID mapping
|
| nix.buildMachines.*.publicHostKey | The (base64-encoded) public host key of this builder
|
| services.bitcoind.<name>.extraConfig | Additional configurations to be appended to bitcoin.conf.
|
| services.lokinet.settings | Configuration for Lokinet
|
| services.tor.relay.onionServices.<name>.authorizeClient.clientNames | Only clients that are listed here are authorized to access the hidden service
|
| services.sourcehut.todo.group | Group for todo.sr.ht
|
| services.sourcehut.meta.group | Group for meta.sr.ht
|
| services.cloudlog.extraConfig | Any additional text to be appended to the config.php
configuration file
|
| services.oauth2-proxy.upstream | The http url(s) of the upstream endpoint or file://
paths for static files
|
| services.munin-cron.extraGlobalConfig | munin.conf extra global configuration
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.k3s.images | List of derivations that provide container images
|
| services.agorakit.appKeyFile | A file containing the Laravel APP_KEY - a 32 character long,
base64 encoded key used for encryption where needed
|
| services.matrix-synapse.workers.<name>.worker_log_config | The file for log configuration
|
| services.nipap.nipap-www.xmlrpcURIFile | Path to file containing XMLRPC URI for use by web UI - this is a secret, since it contains auth credentials
|
| services.libeufin.settings | Global configuration options for the libeufin bank system config file.
|
| services.nagios.validateConfig | if true, the syntax of the nagios configuration file is checked at build time
|
| hardware.deviceTree.overlays.*.dtboFile | Path to .dtbo compiled overlay file.
|
| services.k3s.manifests.<name>.source | Path of the source .yaml file.
|
| services.k3s.manifests.<name>.enable | Whether this manifest file should be generated.
|
| boot.specialFileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| services.metabase.ssl.keystore | Java KeyStore file containing the certificates.
|
| services.zabbixWeb.database.socket | Path to the unix socket file to use for authentication.
|
| security.loginDefs.settings | Config options for the /etc/login.defs file, that defines
the site-specific configuration for the shadow password suite
|