| services.davis.database.urlFile | A file containing the database connection url
|
| services.pipewire.wireplumber.extraScripts | Additional scripts for WirePlumber to be used by configuration files
|
| services.prosody.virtualHosts.<name>.ssl.key | Path to the key file.
|
| services.rspamd.overrides.<name>.text | Text of the file.
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.komodo-periphery.ssl.keyFile | Path to SSL key file.
|
| services.openssh.settings.AuthorizedPrincipalsFile | Specifies a file that lists principal names that are accepted for certificate authentication
|
| services.kubernetes.scheduler.kubeconfig.caFile | Kubernetes scheduler certificate authority file used to connect to kube-apiserver.
|
| services.filesender.settings.admin_email | Email address of FileSender administrator(s)
|
| containers.<name>.networkNamespace | Takes the path to a file representing a kernel network namespace that the container
shall run in
|
| security.agnos.settings.accounts.*.certificates.*.key_output_file | Output path for the certificate private key
|
| users.ldap.daemon.enable | Whether to let the nslcd daemon (nss-pam-ldapd) handle the
LDAP lookups for NSS and PAM
|
| services.cross-seed.settingsFile | Path to a JSON file containing settings that will be merged with the
settings option
|
| services.bacula-fd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.bacula-sd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| nix.settings | Configuration for Nix, see
https://nixos.org/manual/nix/stable/command-ref/conf-file.html or
nix.conf(5) for available options
|
| services.prometheus.scrapeConfigs.*.lightsail_sd_configs.*.profile | Named AWS profile used to connect to the API.
|
| services.mighttpd2.routing | Verbatim routing file to use
(see https://kazu-yamamoto.github.io/mighttpd2/config.html)
|
| services.auto-cpufreq.settings | Configuration for auto-cpufreq
|
| services.kubernetes.scheduler.kubeconfig.keyFile | Kubernetes scheduler client key file used to connect to kube-apiserver.
|
| services.mattermost.environmentFile | Environment file (see systemd.exec(5)
"EnvironmentFile=" section for the syntax) which sets config options
for mattermost (see the Mattermost documentation)
|
| security.acme.certs.<name>.webroot | Where the webroot of the HTTP vhost is located.
.well-known/acme-challenge/ directory
will be created below the webroot if it doesn't exist.
http://example.org/.well-known/acme-challenge/ must also
be available (notice unencrypted HTTP).
|
| boot.initrd.systemd.contents.<name>.enable | Whether to enable copying of this file and symlinking it.
|
| services.actual.settings | Server settings, refer to the documentation for available options
|
| services.radicale.rights | Configuration for Radicale's rights file
|
| services.sympa.settingsFile.<name>.source | Path of the source file.
|
| systemd.shutdownRamfs.storePaths.*.source | Path of the source file.
|
| services.prometheus.exporters.nextcloud.passwordFile | File containing the password for connecting to Nextcloud
|
| services.borgmatic.configurations.<name>.repositories | A required list of local or remote repositories with paths and
optional labels (which can be used with the --repository flag to
select a repository)
|
| services.outline.storage.uploadMaxSize | Maxmium file size for uploads.
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.ncps.cache.storage.s3.accessKeyIdPath | The path to a file containing only the access-key-id.
|
| services.akkoma.initDb.password | Password of the database user to initialise the database with
|
| environment.etc.<name>.enable | Whether this /etc file should be generated
|
| programs.spacefm.settings | The system-wide spacefm configuration
|
| services.transfer-sh.secretFile | Path to file containing environment variables
|
| users.users.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.nginx.appendConfig | Configuration lines appended to the generated Nginx
configuration file
|
| services.prometheus.exporters.mqtt.environmentFile | File to load as environment file
|
| services.cntlm.proxy | A list of NTLM/NTLMv2 authenticating HTTP proxies
|
| services.pinnwand.settings | Your pinnwand.toml as a Nix attribute set
|
| services.postsrsd.settings | Configuration options for the postsrsd.conf file
|
| boot.loader.systemd-boot.edk2-uefi-shell.sortKey | systemd-boot orders the menu entries by their sort keys,
so if you want something to appear after all the NixOS entries,
it should start with o or onwards
|
| services.kubernetes.scheduler.kubeconfig.certFile | Kubernetes scheduler client certificate file used to connect to kube-apiserver.
|
| services.stubby.settings | Content of the Stubby configuration file
|
| services.cachix-watch-store.cachixTokenFile | Required file that needs to contain the cachix auth token.
|
| services.octoprint.extraConfig | Extra options which are added to OctoPrint's YAML configuration file.
|
| services.nagios.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.moodle.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| networking.ucarp.passwordFile | File containing shared password between CARP hosts.
|
| services.peering-manager.secretKeyFile | Path to a file containing the secret key.
|
| services.prosody.virtualHosts.<name>.ssl.cert | Path to the certificate file.
|
| services.paisa.settings.journalFile | Filename of the main journal / ledger file.
|
| services.komodo-periphery.ssl.certFile | Path to SSL certificate file.
|
| services.tahoe.nodes.<name>.client.shares.total | The number of shares required to store a file.
|
| services.wiki-js.settings | Settings to configure wiki-js
|
| services.frigate.settings | Frigate configuration as a nix attribute set
|
| services.prometheus.exporters.blackbox.enableConfigCheck | Whether to run a correctness check for the configuration file
|
| services.archisteamfarm.bots.<name>.passwordFile | Path to a file containing the password
|
| services.sourcehut.paste.group | Group for paste.sr.ht
|
| services.sourcehut.lists.group | Group for lists.sr.ht
|
| services.sourcehut.pages.group | Group for pages.sr.ht
|
| hardware.deviceTree.overlays.*.dtsText | Literal DTS contents, overlay is applied to
each .dtb file matching "compatible" of the overlay.
|
| services.munin-cron.enable | Enable munin-cron
|
| virtualisation.credentials.<name>.text | Text content of the credential
|
| services.webdav-server-rs.settings | Attrset that is converted and passed as config file
|
| services.amule.WebServerPasswordFile | File containing the password for connecting to the web server,
set this only if you didn't set `settings
|
| services.cassandra.extraConfig | Extra options to be merged into cassandra.yaml as nix attribute set.
|
| services.vault.storageConfig | HCL configuration to insert in the storageBackend section
|
| services.radicle.ci.broker.settings.db | Database file path.
|
| systemd.shutdownRamfs.storePaths.*.enable | Whether to enable copying of this file and symlinking it.
|
| services.forgejo.database.socket | Path to the unix socket file to use for authentication.
|
| services.saunafs.master.settings | Contents of config file (sfsmaster.cfg(5)).
|
| services.redmine.database.socket | Path to the unix socket file to use for authentication.
|
| services.outline.storage.secretKeyFile | File path that contains the S3 secret key.
|
| boot.initrd.network.ifstate.settings | Content of IfState's initrd configuration file
|
| services.hans.clients.<name>.passwordFile | File that contains password
|
| boot.initrd.clevis.devices.<name>.secretFile | Clevis JWE file used to decrypt the device at boot, in concert with the chosen pin (one of TPM2, Tang server, or SSS).
|
| services.lighttpd.extraConfig | These configuration lines will be appended to the generated lighttpd
config file
|
| services.openafsClient.mountPoint | Mountpoint of the AFS file tree, conventionally
/afs
|
| services.pomerium.secretsFile | Path to file containing secrets for Pomerium, in systemd
EnvironmentFile format
|
| services.redis.servers.<name>.appendOnly | By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.
|
| services.rke2.manifests.<name>.source | Path of the source .yaml file.
|
| services.rke2.manifests.<name>.enable | Whether this manifest file should be generated.
|
| security.pam.services.<name>.yubicoAuth | If set, users listed in
~/.yubico/authorized_yubikeys
are able to log in with the associated Yubikey tokens.
|
| services.sunshine.settings | Settings to be rendered into the configuration file
|
| services.searx.limiterSettings | Limiter settings for SearXNG.
|
| services.athens.storage.minio.secret | Secret key for the minio storage backend
|
| services.davis.appSecretFile | A file containing the Symfony APP_SECRET - Its value should be a series
of characters, numbers and symbols chosen randomly and the recommended
length is around 32 characters
|
| services.magnetico.web.credentialsFile | The path to the file holding the credentials to access the web
interface
|
| services.misskey.redis.passwordFile | The path to a file containing the Redis password
|
| services.xserver.monitorSection | Contents of the first Monitor section of the X server configuration file.
|
| services.prometheus.scrapeConfigs.*.file_sd_configs.*.refresh_interval | Refresh interval to re-read the files
|
| services.athens.index.mysql.password | Password for the MySQL database
|
| services.tahoe.nodes.<name>.client.shares.happy | The number of distinct storage nodes required to store
a file.
|
| services.aria2.settings.save-session | Save error/unfinished downloads to FILE on exit.
|
| services.bluemap.webappSettings | Settings for the webapp.conf file, see upstream docs.
|
| services.prometheus.pushgateway.persistMetrics | Whether to persist metrics to a file
|
| services.hebbot.templates.report | A path to the Markdown file for the report template.
|