| services.tarsnap.archives.<name>.maxbw | Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
|
| services.vdirsyncer.jobs.<name>.user | User account to run vdirsyncer as, otherwise as a systemd
dynamic user
|
| services.fedimintd.<name>.nginx.config | Overrides to the nginx vhost section for api
|
| services.sympa.domains.<name>.webLocation | URL path part of the web interface.
|
| services.grafana.provision.alerting.rules.settings.groups.*.name | Name of the rule group
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.type | The resource type
|
| services.icecast.hostname | DNS name or IP address that will be used for the stream directory lookups or possibly the playlist generation if a Host header is not provided.
|
| services.neo4j.ssl.policies.<name>.trustAll | Makes this policy trust all remote parties
|
| services.fedimintd.<name>.api_ws.port | TCP Port to bind on for API connections relayed by the reverse proxy/tls terminator.
|
| security.pam.services.<name>.limits.*.domain | Username, groupname, or wildcard this limit applies to
|
| services.k3s.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| services.pgbackrest.repos.<name>.host | Repository host when operating remotely
|
| services.firefox-syncserver.database.name | Database to use for storage
|
| services.mobilizon.settings.":mobilizon".":instance".name | The fallback instance name if not configured into the admin UI
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| services.httpd.virtualHosts.<name>.http2 | Whether to enable HTTP 2
|
| services.rspamd.workers.<name>.extraConfig | Additional entries to put verbatim into worker section of rspamd config file.
|
| services.dokuwiki.sites.<name>.phpOptions | Options for PHP's php.ini file for this dokuwiki site.
|
| services.httpd.virtualHosts.<name>.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.rspamd.workers.<name>.bindSockets | List of sockets to listen, in format acceptable by rspamd
|
| services.tinc.networks.<name>.bindToAddress | The ip address to bind to (both listen on and send packets from).
|
| services.errbot.instances.<name>.logLevel | Errbot log level
|
| services.sanoid.datasets.<name>.monthly | Number of monthly snapshots.
|
| services.nebula.networks.<name>.package | The nebula package to use.
|
| services.znc.confOptions.networks.<name>.useSSL | Whether to use SSL to connect to the IRC server.
|
| services.davis.nginx.locations.<name>.index | Adds index directive.
|
| services.davis.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.movim.nginx.locations.<name>.index | Adds index directive.
|
| services.slskd.nginx.locations.<name>.index | Adds index directive.
|
| services.movim.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.slskd.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.dokuwiki.sites.<name>.poolConfig | Options for the DokuWiki PHP pool
|
| services.nntp-proxy.users.<name>.passwordHash | SHA-512 password hash (can be generated by
mkpasswd -m sha-512 <password>)
|
| services.nginx.proxyCachePath.<name>.useTempPath | Nginx first writes files that are destined for the cache to a temporary
storage area, and the use_temp_path=off directive instructs Nginx to
write them to the same directories where they will be cached
|
| services.redis.servers.<name>.slowLogLogSlowerThan | Log queries whose execution take longer than X in milliseconds.
|
| services.nginx.virtualHosts.<name>.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.gitlab-runner.services.<name>.tagList | Tag list
|
| systemd.network.networks.<name>.hierarchyTokenBucketConfig | Each attribute in this set specifies an option in the
[HierarchyTokenBucket] section of the unit
|
| services.drupal.sites.<name>.virtualHost.adminAddr | E-mail address of the server administrator.
|
| services.xserver.displayManager.lightdm.greeters.enso.cursorTheme.name | Name of the cursor theme to use for the lightdm-enso-os-greeter
|
| security.pam.services.<name>.ttyAudit.openOnly | Set the TTY audit flag when opening the session,
but do not restore it when closing the session
|
| services.h2o.hosts.<name>.tls.redirectCode | HTTP status used by globalRedirect & forceSSL
|
| services.nsd.zones.<name>.children | Children zones inherit all options of their parents
|
| security.pam.services.<name>.requireWheel | Whether to permit root access only to members of group wheel.
|
| services.rspamd.workers.<name>.includes | List of files to include in configuration
|
| services.tarsnap.archives.<name>.nodump | Exclude files with the nodump flag.
|
| services.syncoid.commands.<name>.extraArgs | Extra syncoid arguments for this command.
|
| services.mailpit.instances.<name>.smtp | SMTP bind interface and port.
|
| services.wstunnel.servers.<name>.enable | Whether to enable this wstunnel instance.
|
| services.wstunnel.clients.<name>.enable | Whether to enable this wstunnel instance.
|
| hardware.alsa.cardAliases.<name>.id | The ID of the sound card
|
| services.geoclue2.appConfig.<name>.isSystem | Whether the application is a system component or not.
|
| security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| services.drupal.sites.<name>.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.hostapd.radios.<name>.networks.<name>.dynamicConfigScripts | All of these scripts will be executed in lexicographical order before hostapd
is started, right after the bss segment was generated and may dynamically
append bss options to the generated configuration file
|
| services.restic.backups.<name>.pruneOpts | A list of options (--keep-* et al.) for 'restic forget
--prune', to automatically prune old snapshots
|
| services.github-runners.<name>.enable | Whether to enable GitHub Actions runner
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.address | The subnet of this host
|
| services.vault-agent.instances.<name>.group | Group under which this instance runs.
|
| services.neo4j.ssl.policies.<name>.ciphers | Restrict the allowed ciphers of this policy to those defined
here
|
| services.gancio.nginx.locations.<name>.root | Root directory for requests.
|
| services.fedimintd.<name>.bitcoin.rpc.kind | Kind of a bitcoin node.
|
| services.akkoma.nginx.locations.<name>.root | Root directory for requests.
|
| services.fluidd.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.index | Adds index directive.
|
| services.matomo.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.monica.nginx.locations.<name>.root | Root directory for requests.
|
| services.github-runners.<name>.url | Repository to add the runner to
|
| services.wordpress.sites.<name>.fontsDir | This directory is used to download fonts from a remote location, e.g.
to host google fonts locally.
|
| services.znapzend.zetup.<name>.destinations.<name>.presend | Command to run before sending the snapshot to the destination
|
| services.drupal.sites.<name>.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| security.pam.services.<name>.failDelay.enable | If enabled, this will replace the FAIL_DELAY setting from login.defs
|
| programs.ssh.knownHosts.<name>.hostNames | A list of host names and/or IP numbers used for accessing
the host's ssh service
|
| security.acme.certs.<name>.keyType | Key type to use for private keys
|
| services.kmonad.keyboards.<name>.config | Keyboard configuration.
|
| services.opkssh.providers.<name>.issuer | Issuer URI
|
| services.restic.backups.<name>.extraBackupArgs | Extra arguments passed to restic backup.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| users.mysql.pam.userColumn | The name of the column that contains a unix login name.
|
| services.netbird.tunnels.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.netbird.clients.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.wyoming.piper.servers.<name>.extraArgs | Extra arguments to pass to the server commandline.
|
| services.wyoming.piper.servers.<name>.enable | Whether to enable Wyoming Piper server.
|
| services.prometheus.exporters.fritz.settings.devices.*.name | Name to use for the device.
|
| services.kimai.sites.<name>.database.charset | Database charset.
|
| security.acme.certs.<name>.validMinDays | Minimum remaining validity before renewal in days.
|
| services.borgbackup.jobs.<name>.paths | Path(s) to back up
|
| security.pam.services.<name>.sssdStrictAccess | enforce sssd access control
|
| services.tinc.networks.<name>.rsaPrivateKeyFile | Path of the private RSA keyfile.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| networking.ipips.<name>.dev | The underlying network device on which the tunnel resides.
|
| services.keepalived.vrrpInstances.<name>.vmacInterface | Name of the vmac interface to use. keepalived will come up with a name
if you don't specify one.
|
| services.drupal.sites.<name>.virtualHost.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| services.fedimintd.<name>.bitcoin.rpc.url | Bitcoin node (bitcoind/electrum/esplora) address to connect to
|
| services.restic.backups.<name>.command | Command to pass to --stdin-from-command
|
| systemd.network.networks.<name>.trivialLinkEqualizerConfig | Each attribute in this set specifies an option in the
[TrivialLinkEqualizer] section of the unit
|