| services.syncplay.passwordFile | Path to the file that contains the server password
|
| services.ncps.cache.storage.s3.accessKeyIdPath | The path to a file containing only the access-key-id.
|
| services.rtorrent.configText | The content of rtorrent.rc
|
| services.outline.storage.secretKeyFile | File path that contains the S3 secret key.
|
| services.supybot.configFile | Path to initial supybot config file
|
| services.xserver.serverFlagsSection | Contents of the ServerFlags section of the X server configuration file.
|
| containers.<name>.bindMounts.<name>.mountPoint | Mount point on the container file system.
|
| systemd.shutdownRamfs.contents.<name>.text | Text of the file.
|
| users.users.<name>.description | A short description of the user account, typically the
user's full name
|
| networking.networkmanager.ensureProfiles.secrets.entries.*.matchUuid | UUID of the connection profile
UUIDs are assigned once on connection creation and should never change as long as the connection still applies to the same network.
|
| services.nextcloud.secrets | Secret files to read into entries in config.php
|
| services.sympa.settingsFile.<name>.enable | Whether this file should be generated
|
| system.nssDatabases.services | List of services entries to configure in /etc/nsswitch.conf
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.basic_auth.password_file | HTTP password file
|
| networking.networkmanager.ensureProfiles.secrets.entries.*.matchId | connection id used by NetworkManager
|
| services.bookstack.appKeyFile | A file containing the Laravel APP_KEY - a 32 character long,
base64 encoded key used for encryption where needed
|
| services.draupnir.settings | Free-form settings written to Draupnir's configuration file
|
| services.freshrss.database.passFile | Database password file for FreshRSS.
|
| services.duplicity.exclude | List of paths to exclude from backups
|
| services.ddclient.extraConfig | Extra configuration
|
| services.duplicity.include | List of paths to include into the backups
|
| services.ddclient.passwordFile | A file containing the password or a TSIG key in named format when using the nsupdate protocol.
|
| services.hebbot.templates.report | A path to the Markdown file for the report template.
|
| services.firewalld.settings | FirewallD config file
|
| programs.neovim.configure | Generate your init file from your list of plugins and custom commands
|
| services.buildbot-worker.workerPassFile | File used to store the Buildbot Worker password
|
| services.davis.appSecretFile | A file containing the Symfony APP_SECRET - Its value should be a series
of characters, numbers and symbols chosen randomly and the recommended
length is around 32 characters
|
| boot.initrd.clevis.devices.<name>.secretFile | Clevis JWE file used to decrypt the device at boot, in concert with the chosen pin (one of TPM2, Tang server, or SSS).
|
| services.cachix-watch-store.signingKeyFile | Optional file containing a self-managed signing key to sign uploaded store paths.
|
| services.tahoe.nodes.<name>.client.shares.total | The number of shares required to store a file.
|
| services.nagios.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.moodle.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.mediawiki.extraConfig | Any additional text to be appended to MediaWiki's
LocalSettings.php configuration file
|
| services.nginx.prependConfig | Configuration lines prepended to the generated Nginx
configuration file
|
| services.rss2email.feeds.<name>.to | Email address to which to send feed items
|
| services.pleroma.secretConfigFile | Path to the file containing your secret pleroma configuration.
DO NOT POINT THIS OPTION TO THE NIX
STORE, the store being world-readable, it'll
compromise all your secrets.
|
| services.matrix-tuwunel.settings | Generates the tuwunel.toml configuration file
|
| services.thermald.configFile | The thermald manual configuration file
|
| services.misskey.redis.passwordFile | The path to a file containing the Redis password
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| networking.networkmanager.ensureProfiles.secrets.entries.*.matchType | NetworkManager connection type
The NetworkManager configuration settings reference roughly corresponds to connection types
|
| security.agnos.settings.accounts.*.certificates.*.fullchain_output_file | Output path for the full chain including the acquired certificate
|
| services.prometheus.exporters.pve.environmentFile | Path to the service's environment file
|
| hardware.amdgpu.amdvlk.settings | Runtime settings for AMDVLK to be configured /etc/amd/amdVulkanSettings.cfg
|
| services.dawarich.smtp.passwordFile | Path to file containing the SMTP password.
|
| boot.initrd.network.ifstate.settings | Content of IfState's initrd configuration file
|
| i18n.inputMethod.fcitx5.settings.addons | The addon configures in conf folder in ini format with global sections
|
| services.dokuwiki.sites.<name>.phpOptions | Options for PHP's php.ini file for this dokuwiki site.
|
| programs.rust-motd.refreshInterval | Interval in which the motd(5) file is refreshed
|
| services.hadoop.log4jProperties | log4j.properties file added to HADOOP_CONF_DIR
|
| hardware.fancontrol.config | Required fancontrol configuration file content
|
| boot.loader.systemd-boot.edk2-uefi-shell.sortKey | systemd-boot orders the menu entries by their sort keys,
so if you want something to appear after all the NixOS entries,
it should start with o or onwards
|
| services.httpd.virtualHosts.<name>.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.lavalink.extraConfig | Configuration to write to application.yml
|
| services.tailscale.authKeyFile | A file containing the auth key
|
| services.privoxy.settings | This option is mapped to the main Privoxy configuration file
|
| services.mastodon.smtp.passwordFile | Path to file containing the SMTP password.
|
| systemd.mounts.*.reloadTriggers | An arbitrary list of items such as derivations
|
| services.zabbixProxy.database.socket | Path to the unix socket file to use for authentication.
|
| systemd.paths.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| users.ldap.daemon.enable | Whether to let the nslcd daemon (nss-pam-ldapd) handle the
LDAP lookups for NSS and PAM
|
| xdg.terminal-exec.settings | Configuration options for the Default Terminal Execution Specification
|
| services.sks.webroot | Source directory (will be symlinked, if not null) for the files the
built-in webserver should serve
|
| networking.networkmanager.ensureProfiles.secrets.entries.*.matchSetting | name of the setting section for which secrets are requested
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.secret_key_file | Sets the secret key with the credentials read from the configured file
|
| security.apparmor.policies.<name>.path | A path of a profile file to include
|
| services.fider.database.url | URI to use for the main PostgreSQL database
|
| services.canaille.smtpPasswordFile | File containing the SMTP password
|
| services.athens.index.mysql.password | Password for the MySQL database
|
| services.gotify.stateDirectoryName | The name of the directory below /var/lib where
gotify stores its runtime data.
|
| security.ipa.certificate | IPA server CA certificate
|
| networking.ifstate.settings | Content of IfState's configuration file
|
| services.infinoted.passwordFile | File to read server-wide password from
|
| services.gitlab.smtp.passwordFile | File containing the password of the SMTP server for GitLab
|
| services.aerospike.networkConfig | network section of configuration file
|
| services.athens.storage.minio.secret | Secret key for the minio storage backend
|
| services.radicle.ci.broker.settings.db | Database file path.
|
| services.tahoe.nodes.<name>.client.shares.happy | The number of distinct storage nodes required to store
a file.
|
| services.rspamd.workers.<name>.extraConfig | Additional entries to put verbatim into worker section of rspamd config file.
|
| services.radicle.privateKeyFile | Absolute file path to an SSH private key,
usually generated by rad auth
|
| services.outline.storage.storageType | File storage type, it can be local or s3.
|
| services.netbox.keycloakClientSecret | File that contains the keycloak client secret.
|
| services.prosody.modules.proxy65 | Enables a file transfer proxy service which clients behind NAT can use
|
| services.syncoid.commands.<name>.sshKey | SSH private key file to use to login to the remote system
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.xserver.inputClassSections | Content of additional InputClass sections of the X server configuration file.
|
| services.watchdogd.settings | Configuration to put in watchdogd.conf
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.sourcehut.builds.group | Group for builds.sr.ht
|
| i18n.inputMethod.fcitx5.settings.inputMethod | The input method configure in profile file in ini format.
|
| services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| services.kimai.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| services.icingaweb2.roles | roles.ini contents
|
| services.httpd.virtualHosts.<name>.sslServerChain | Path to server SSL chain file.
|
| services.gotenberg.enableBasicAuth | HTTP Basic Authentication
|
| services.lanraragi.passwordFile | A file containing the password for LANraragi's admin interface.
|
| services.dockerRegistry.configFile | Path to CNCF distribution config file
|
| services.invidious.hmacKeyFile | A path to a file containing the hmac_key
|
| services.agorakit.mail.passwordFile | A file containing the password corresponding to
|