| services.postgresql.identMap | Defines the mapping from system users to database users
|
| services.keepalived.vrrpScripts.<name>.group | Name of group to run the script under
|
| services.netbird.server.coturn.password | The password of the user used by netbird to connect to the coturn server
|
| services.victorialogs.enable | Whether to enable VictoriaLogs is an open source user-friendly database for logs from VictoriaMetrics.
|
| services.upower.enableWattsUpPro | Enable the Watts Up Pro device
|
| security.pam.rssh.settings.auth_key_file | Path to file with trusted public keys in OpenSSH's authorized_keys format
|
| services.sourcehut.settings."hg.sr.ht".repos | Path to mercurial repositories on disk
|
| security.pam.services.<name>.ttyAudit.enablePattern | For each user matching one of comma-separated
glob patterns, enable TTY auditing
|
| boot.initrd.systemd.emergencyAccess | Set to true for unauthenticated emergency access, and false or
null for no emergency access
|
| services.castopod.database.createLocally | Create the database and database user locally.
|
| services.agorakit.database.createLocally | Create the database and database user locally.
|
| services.dolibarr.database.createLocally | Create the database and database user locally.
|
| services.cloudlog.database.createLocally | Create the database and database user locally.
|
| services.linkwarden.cacheLocation | Directory used as cache
|
| services.samba.settings.global."passwd program" | Path to a program that can be used to set UNIX user passwords.
|
| services.misskey.database.createLocally | Create the PostgreSQL database locally
|
| services.mediatomb.customCfg | Allow the service to create and use its own config file inside the dataDir as
configured by services.mediatomb.dataDir
|
| services.netbird.server.coturn.passwordFile | The path to a file containing the password of the user used by netbird to connect to the coturn server.
|
| services.zammad.secretKeyBaseFile | The path to a file containing the
secret_key_base secret
|
| services.zoneminder.enable | Whether to enable ZoneMinder
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.username | Consul username
|
| services.grafana.settings.users.auto_assign_org_id | Set this value to automatically add new users to the provided org
|
| services.sourcehut.settings."git.sr.ht".repos | Path to git repositories on disk
|
| services.listmonk.database.createLocally | Create the PostgreSQL database and database user locally.
|
| services.znc.useLegacyConfig | Whether to propagate the legacy options under
services.znc.confOptions.* to the znc config
|
| services.wastebin.secretFile | Path to file containing sensitive environment variables
|
| services.drupal.sites.<name>.database.createLocally | Create the database and database user locally.
|
| services.neo4j.directories.home | Path of the Neo4j home directory
|
| services.dashy.settings | Settings serialized into user-data/conf.yml before build
|
| services.anuko-time-tracker.database.passwordFile | Database user password file.
|
| security.duosec.fallbackLocalIP | Duo Unix reports the IP address of the authorizing user, for
the purposes of authorization and whitelisting
|
| services.fedimintd.<name>.nginx.config.kTLS | Whether to enable kTLS support
|
| services.reposilite.useACMEHost | Host of an existing Let's Encrypt certificate to use for SSL
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.username | HTTP username
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.basic_auth.username | HTTP username
|
| services.anuko-time-tracker.database.createLocally | Create the database and database user locally.
|
| services.jupyterhub.kernels.<name>.displayName | Name that will be shown to the user.
|
| security.pam.services.<name>.ttyAudit.disablePattern | For each user matching one of comma-separated
glob patterns, disable TTY auditing
|
| security.pam.services.<name>.gnupg.noAutostart | Don't start gpg-agent if it is not running
|
| services.nominatim.database.superUser | Postgresql database superuser used to create Nominatim database and
import data
|
| security.googleOsLogin.enable | Whether to enable Google OS Login
|
| services.mediatomb.openFirewall | If false (the default), this is up to the user to declare the firewall rules
|
| security.pam.services.<name>.kwallet.enable | If enabled, pam_wallet will attempt to automatically unlock the
user's default KDE wallet upon login
|
| services._3proxy.services.*.auth | Authentication type
|
| services.bookstack.database.createLocally | Create the database and database user locally.
|
| services.graylog.rootPasswordSha2 | You MUST specify a hash password for the root user (which you only need to initially set up the
system and in case you lose connectivity to your authentication backend)
This password cannot be changed using the API or via the web interface
|
| services.foundationdb.package | The FoundationDB package to use for this server
|
| services.neo4j.directories.data | Path of the data directory
|
| services.matrix-alertmanager.tokenFile | File that contains a valid Matrix token for the Matrix user.
|
| services.syncoid.commands.<name>.localSourceAllow | Permissions granted for the services.syncoid.user user
for local source datasets
|
| services.umami.settings.DATABASE_URL_FILE | A file containing a connection string for the database
|
| services.openvpn.servers.<name>.authUserPass | This option can be used to store the username / password credentials
with the "auth-user-pass" authentication method
|
| programs.firefox.policies | Group policies to install
|
| services.keycloak.initialAdminPassword | Initial password set for the temporary admin user
|
| services.n8n.environment.N8N_USER_FOLDER | Provide the path where n8n will create the .n8n folder
|
| services.nextcloud.database.createLocally | Whether to create the database and database user locally.
|
| services.matrix-alertmanager.matrixUser | Matrix user to use for the bot.
|
| services.dnsdist.dnscrypt.providerKey | The filepath to the provider secret key
|
| services.prosody.httpFileShare.daily_quota | Maximum size of daily uploaded files per user, in bytes.
|
| virtualisation.qemu.options | Options passed to QEMU
|
| security.pam.services.<name>.enableGnomeKeyring | If enabled, pam_gnome_keyring will attempt to automatically unlock the
user's default Gnome keyring upon login
|
| services.maddy.ensureCredentials | List of user accounts which get automatically created if they don't
exist yet
|
| security.unprivilegedUsernsClone | When disabled, unprivileged users will not be able to create new namespaces
|
| services.postfix.localRecipients | List of accepted local users
|
| services.libeufin.nexus.settings.nexus-ebics.USER_ID | User ID of the EBICS subscriber
|
| services.cron.systemCronJobs | A list of Cron jobs to be appended to the system-wide
crontab
|
| services.flarum.createDatabaseLocally | Create the database and database user locally, and run installation
|
| services.linkwarden.storageLocation | Directory used to store media files
|
| services.wastebin.settings.WASTEBIN_BASE_URL | Base URL for the QR code display
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.basic_auth.username | HTTP username
|
| services.unbound.localControlSocketPath | When not set to null this option defines the path
at which the unbound remote control socket should be created at
|
| services.journaldriver.logName | Configures the name of the target log in Stackdriver Logging
|
| services.public-inbox.inboxes.<name>.description | User-visible description for the repository.
|
| services.firezone.headless-client.tokenFile | A file containing the firezone client token
|
| services.grafana.settings.users.verify_email_enabled | Require email validation before sign up completes.
|
| services.postgresql.ensureUsers | Ensures that the specified users exist
|
| services.keepalived.enableScriptSecurity | Don't run scripts configured to be run as root if any part of the path is writable by a non-root user.
|
| networking.resolvconf.package | The package that provides the system-wide resolvconf command
|
| services.mediawiki.database.createLocally | Create the database and database user locally
|
| services.szurubooru.database.passwordFile | A file containing the password for the PostgreSQL user.
|
| services.mysql.replication.masterPassword | Password of the MySQL replication user.
|
| services.minidlna.settings.wide_links | Set this to yes to allow symlinks that point outside user-defined media_dir.
|
| services.kubo.settings.Addresses.API | Multiaddr or array of multiaddrs describing the address to serve the local HTTP API on
|
| services.hostapd.radios.<name>.wifi6.multiUserBeamformer | HE multi user beamformee support
|
| programs.tsmClient.defaultServername | If multiple server stanzas are declared with
programs.tsmClient.servers,
this option may be used to name a default
server stanza that IBM TSM uses in the absence of
a user-defined dsm.opt file
|
| services.dawarich.secretKeyBaseFile | Path to file containing the secret key base
|
| services.opkssh.authorizations | User authorization mappings
|
| services.zoneminder.database.createLocally | Create the database and database user locally.
|
| services.grafana.settings.users.auto_assign_org_role | The role new users will be assigned for the main organization (if the auto_assign_org setting is set to true).
|
| services.filesender.database.createLocally | Create the PostgreSQL database and database user locally.
|
| services.hostapd.radios.<name>.wifi7.multiUserBeamformer | EHT multi user beamformee support
|
| services.limesurvey.nginx.virtualHost.kTLS | Whether to enable kTLS support
|
| services.tt-rss.registration.notifyAddress | Email address to send new user notifications to.
|
| services.minidlna.settings.media_dir | Directories to be scanned for media files
|
| services.postfixadmin.database.host | Host of the postgresql server
|
| services.blockbook-frontend.<name>.rpc.passwordFile | File containing password of the RPC user
|
| services.kmonad.keyboards.<name>.extraGroups | Extra permission groups to attach to the KMonad instance for
this keyboard
|
| services.prometheus.exporters.nut.nutUser | The user to log in into NUT server
|
| services.syncthing.settings.folders.<name>.path | The path to the folder which should be shared
|
| services.prometheus.exporters.bitcoin.rpcUser | RPC user name.
|