| services.redsocks.chroot | Chroot under which to run redsocks
|
| services.tomcat.port | The TCP port Tomcat should listen on.
|
| services.prometheus.exporters.pgbouncer.group | Group under which the pgbouncer exporter shall be run.
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.authorization.type | Sets the authentication type
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.proxy_url | Optional proxy URL.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.url | URL from which the targets are fetched.
|
| services.trickster.enable | Enable Trickster.
|
| services.litellm.stateDir | State directory of LiteLLM.
|
| services.syncplay.port | TCP port to bind to.
|
| services.prosody.allowRegistration | Allow account creation
|
| services.rustus.storage.dir_structure | pattern of a directory structure locally and on s3
|
| services.pdfding.allowedHosts | Domains where PdfDing is allowed to run
|
| services.snapserver.settings.http.doc_root | Path to serve from the HTTP servers root.
|
| services.oauth2-proxy.enable | Whether to enable oauth2-proxy.
|
| services.udp-over-tcp.tcp2udp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| services.outline.oidcAuthentication.authUrl | OIDC authentication URL endpoint.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_WEEKLY | Limits for timeline cleanup.
|
| services.nextcloud-spreed-signaling.settings.https.certificate | Path to the certificate used for the HTTPS listener
|
| services.taskserver.listenPort | Port number of the Taskserver.
|
| services.powerstation.package | The powerstation package to use.
|
| services.prometheus.exporters.exportarr-prowlarr.url | The full URL to Sonarr, Radarr, or Lidarr.
|
| services.prometheus.exporters.node.listenAddress | Address to listen on.
|
| services.matrix-hookshot.package | The matrix-hookshot package to use.
|
| services.monica.nginx.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.suwayomi-server.enable | Whether to enable Suwayomi, a free and open source manga reader server that runs extensions built for Tachiyomi.
|
| services.slskd.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.lighthouse.beacon.execution.port | Port number the Beacon node will be listening on for the execution layer.
|
| services.mirakurun.unixSocket | Path to unix socket to listen on
|
| services.strongswan-swanctl.swanctl.secrets.xauth | EAP secret section for a specific secret
|
| services.node-red.port | Listening port.
|
| services.psd.resyncTimer | The amount of time to wait before syncing browser profiles back to the
disk
|
| services.osrm.algorithm | Algorithm to use for the data
|
| services.snipe-it.database.createLocally | Create the database and database user locally.
|
| services.taskserver.confirmation | Determines whether certain commands are confirmed.
|
| services.openvscode-server.withoutConnectionToken | Run without a connection token
|
| services.photoprism.port | Web interface port.
|
| services.strongswan-swanctl.swanctl.secrets.ntlm.<name>.secret | Value of the NTLM secret, which is the NT Hash of the actual secret,
that is, MD4(UTF-16LE(secret))
|
| services.sickbeard.port | Port to bind to.
|
| services.tinc.networks.<name>.debugLevel | The amount of debugging information to add to the log. 0 means little
logging while 5 is the most logging. man tincd for
more details.
|
| services.loki.enable | Whether to enable Grafana Loki.
|
| services.monica.mail.fromName | Mail "from" name.
|
| services.oxidized.group | Group under which the oxidized service runs.
|
| services.strongswan-swanctl.swanctl.connections.<name>.fragmentation | Use IKE fragmentation (proprietary IKEv1 extension or RFC 7383 IKEv2
fragmentation)
|
| services.nix-serve.package | The nix-serve package to use.
|
| services.prometheus.exporters.influxdb.extraFlags | Extra commandline options to pass to the influxdb exporter.
|
| services.orthanc.environment | Extra environment variables
For more details see https://orthanc.uclouvain.be/book/users/configuration.html
|
| services.prometheus.exporters.postgres.openFirewall | Open port in firewall for incoming connections.
|
| services.postfix.settings.main.mydestination | List of domain names intended for local delivery using /etc/passwd and /etc/aliases.
Do not include virtual domains in this list.
https://www.postfix.org/postconf.5.html#mydestination
|
| services.snipe-it.nginx.sslCertificate | Path to server SSL certificate.
|
| services.lokinet.settings | Configuration for Lokinet
|
| services.spark.master.restartIfChanged | Automatically restart master service on config change
|
| services.nntp-proxy.users.<name>.passwordHash | SHA-512 password hash (can be generated by
mkpasswd -m sha-512 <password>)
|
| services.prometheus.scrapeConfigs.*.triton_sd_configs.*.dns_suffix | The DNS suffix which should be applied to target.
|
| services.prosody.modules.server_contact_info | Publish contact information for this service
|
| services.tor.settings.MainloopStats | See torrc manual.
|
| services.mediawiki.database.name | Database name.
|
| services.redmine.themes | Set of themes.
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.prometheus.exporters.process.settings.process_names | All settings expressed as an Nix attrset
|
| services.monica.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.maubot.configMutable | Whether maubot should write updated config into extraConfigFile. This will make your Nix module settings have no effect besides the initial config, as extraConfigFile takes precedence over NixOS settings!
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.username | HTTP username
|
| services.tor.torsocks.server | IP/Port of the Tor SOCKS server
|
| services.nitter.package | The nitter package to use.
|
| services.ncdns.dnssec.keys.zonePublic | Path to the file containing the ZSK public key
|
| services.prometheus.exporters.flow.enable | Whether to enable the prometheus flow exporter.
|
| services.microbin.package | The microbin package to use.
|
| services.multipath.devices.*.all_tg_pt | Set the 'all targets ports' flag when registering keys with mpathpersist
|
| services.nextcloud-spreed-signaling.configureNginx | Whether to set up and configure an nginx virtual host according to upstream's recommendations
|
| services.postfix.settings.master.<name>.privileged | |
| services.slskd.group | Group under which slskd runs.
|
| services.suwayomi-server.group | Group under which Suwayomi-Server runs.
|
| services.multipath.pathGroups | This option allows you to define multipath groups as described
in http://christophe.varoqui.free.fr/usage.html.
|
| services.prometheus.exporters.dnssec.resolvers | DNSSEC capable resolver to be used for the check.
|
| services.prometheus.exporters.tailscale.openFirewall | Open port in firewall for incoming connections.
|
| services.longview.mysqlPassword | The password corresponding to mysqlUser
|
| services.mastodon.webThreads | Threads per process used by the mastodon-web service.
|
| services.matomo.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.ollama.rocmOverrideGfx | Override what rocm will detect your gpu model as
|
| services.opensearch.extraCmdLineOptions | Extra command line options for the OpenSearch launcher.
|
| services.outline.storage.localRootDir | If storageType is local, this sets the parent directory
under which all attachments/images go.
|
| services.prometheus.exporters.mail.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.systemd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.systemd.openFirewall is true.
|
| services.litellm.port | Which port the LiteLLM server listens to.
|
| services.mail.sendmailSetuidWrapper.setuid | Whether to add the setuid bit the wrapper program.
|
| services.neo4j.bolt.tlsLevel | SSL/TSL requirement level for BOLT traffic.
|
| services.pihole-ftl.piholePackage | The pihole package to use.
|
| services.prometheus.exporters.systemd.user | User name under which the systemd exporter shall be run.
|
| services.prometheus.exporters.zfs.extraFlags | Extra commandline options to pass to the zfs exporter.
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.basic_auth.username | HTTP username
|
| services.routinator.extraArgs | Extra arguments passed to routinator, see https://routinator.docs.nlnetlabs.nl/en/stable/manual-page.html#options for options.";
|
| services.orthanc.enable | Whether to enable Orthanc server.
|
| services.plantuml-server.graphvizPackage | The graphviz package to use.
|
| services.radicle.httpd.nginx.locations.<name>.root | Root directory for requests.
|
| services.nagios.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| services.public-inbox.openFirewall | Whether to enable opening the firewall when using a port option.
|
| services.trezord.emulator.port | Listening port for the Trezor emulator.
|
| services.limesurvey.nginx.virtualHost.locations.<name>.root | Root directory for requests.
|
| services.movim.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.murmur.users | Maximum number of concurrent clients allowed.
|