| services.opkssh.providers.<name>.issuer | Issuer URI
|
| services.neo4j.ssl.policies.<name>.trustAll | Makes this policy trust all remote parties
|
| security.apparmor.policies.<name>.path | A path of a profile file to include
|
| systemd.network.networks.<name>.bridgeMDBs | A list of BridgeMDB sections to be added to the unit
|
| systemd.network.networks.<name>.bridgeFDBs | A list of BridgeFDB sections to be added to the unit
|
| security.pam.services.<name>.setLoginUid | Set the login uid of the process
(/proc/self/loginuid) for auditing
purposes
|
| services.gancio.nginx.locations.<name>.root | Root directory for requests.
|
| services.fedimintd.<name>.bitcoin.rpc.kind | Kind of a bitcoin node.
|
| services.akkoma.nginx.locations.<name>.root | Root directory for requests.
|
| services.fluidd.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.index | Adds index directive.
|
| services.matomo.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.monica.nginx.locations.<name>.root | Root directory for requests.
|
| containers.<name>.bindMounts | An extra list of directories that is bound to the container.
|
| systemd.slices.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| systemd.timers.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| security.acme.certs.<name>.inheritDefaults | Whether to inherit values set in security.acme.defaults or not.
|
| services.restic.backups.<name>.extraBackupArgs | Extra arguments passed to restic backup.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| services.kimai.sites.<name>.database.charset | Database charset.
|
| services.kanidm.provision.systems.oauth2.<name>.displayName | Display name
|
| security.pam.services.<name>.sssdStrictAccess | enforce sssd access control
|
| services.tinc.networks.<name>.rsaPrivateKeyFile | Path of the private RSA keyfile.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| systemd.network.networks.<name>.extraConfig | Extra configuration append to unit
|
| systemd.network.netdevs.<name>.vxlanConfig | Each attribute in this set specifies an option in the
[VXLAN] section of the unit
|
| services.neo4j.ssl.policies.<name>.ciphers | Restrict the allowed ciphers of this policy to those defined
here
|
| services.wstunnel.servers.<name>.listen.host | The hostname.
|
| services.wstunnel.servers.<name>.listen.port | The port.
|
| services.headscale.settings.dns.extra_records.*.name | DNS record name.
|
| services.netbird.tunnels.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.netbird.clients.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.wyoming.piper.servers.<name>.extraArgs | Extra arguments to pass to the server commandline.
|
| services.wyoming.piper.servers.<name>.enable | Whether to enable Wyoming Piper server.
|
| networking.wlanInterfaces | Creating multiple WLAN interfaces on top of one physical WLAN device (NIC)
|
| services.httpd.virtualHosts.<name>.http2 | Whether to enable HTTP 2
|
| power.ups.upsmon.monitor.<name>.passwordFile | The full path to a file containing the password from
upsd.users for accessing this UPS
|
| services.i2pd.ifname | Network interface to bind to.
|
| services.pingvin-share.hostname | The domain name of your instance
|
| security.apparmor.policies.<name>.state | How strictly this policy should be enforced
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.sanoid.templates.<name>.hourly | Number of hourly snapshots.
|
| services.sanoid.templates.<name>.yearly | Number of yearly snapshots.
|
| services.wordpress.sites.<name>.fontsDir | This directory is used to download fonts from a remote location, e.g.
to host google fonts locally.
|
| services.borgbackup.jobs.<name>.paths | Path(s) to back up
|
| services.fedimintd.<name>.nginx.config.root | The path of the web root directory.
|
| services.firewalld.zones.<name>.version | Version of the zone.
|
| programs.xfs_quota.projects.<name>.id | Project ID.
|
| systemd.user.paths.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| security.pam.services.<name>.ttyAudit.openOnly | Set the TTY audit flag when opening the session,
but do not restore it when closing the session
|
| systemd.services.<name>.serviceConfig | Each attribute in this set specifies an option in the
[Service] section of the unit
|
| services.drupal.sites.<name>.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| security.pam.services.<name>.failDelay.enable | If enabled, this will replace the FAIL_DELAY setting from login.defs
|
| services.geth.<name>.authrpc.jwtsecret | Path to a JWT secret for authenticated RPC endpoint.
|
| services.geth.<name>.websocket.address | Listen address of Go Ethereum WebSocket API.
|
| services.borgbackup.jobs.<name>.postInit | Shell commands to run after borg init.
|
| services.wstunnel.servers.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.wstunnel.clients.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| systemd.network.networks.<name>.bridgeVLANs | A list of BridgeVLAN sections to be added to the unit
|
| services.fedimintd.<name>.bitcoin.rpc.url | Bitcoin node (bitcoind/electrum/esplora) address to connect to
|
| services.davis.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.slskd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.movim.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.buildkite-agents.<name>.hooks | "Agent" hooks to install
|
| systemd.paths.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| services.github-runners.<name>.enable | Whether to enable GitHub Actions runner
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.prePublish | How long in advance to publish new keys
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.prePublish | How long in advance to publish new keys
|
| boot.initrd.luks.devices.<name>.yubikey.storage.path | Absolute path of the salt on the unencrypted device with
that device's root directory as "/".
|
| services.httpd.virtualHosts.<name>.sslServerChain | Path to server SSL chain file.
|
| services.tarsnap.archives.<name>.maxbwRateUp | Upload bandwidth rate limit in bytes.
|
| security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| services.drupal.sites.<name>.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.postfix.settings.master.<name>.type | The type of the service
|
| services.drupal.sites.<name>.virtualHost.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| services.netbird.tunnels.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| services.netbird.clients.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| services.jitsi-videobridge.xmppConfigs.<name>.hostName | Hostname of the XMPP server to connect to
|
| systemd.shutdown | Definition of systemd shutdown executables
|
| services.nginx.proxyCachePath.<name>.useTempPath | Nginx first writes files that are destined for the cache to a temporary
storage area, and the use_temp_path=off directive instructs Nginx to
write them to the same directories where they will be cached
|
| services.nextcloud.config.dbname | Database name.
|
| boot.initrd.luks.devices.<name>.gpgCard.encryptedPass | Path to the GPG encrypted passphrase.
|
| services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| services.errbot.instances.<name>.admins | List of identifiers of errbot admins.
|
| services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| services.anubis.instances.<name>.enable | Whether to enable this instance of Anubis.
|
| services.dokuwiki.sites.<name>.mergedConfig | Read only representation of the final configuration.
|
| services.restic.backups.<name>.progressFps | Controls the frequency of progress reporting.
|
| security.pam.services.<name>.forwardXAuth | Whether X authentication keys should be passed from the
calling user to the target user (e.g. for
su)
|
| services.borgbackup.jobs.<name>.user | The user borg is run as
|
| services.nginx.virtualHosts.<name>.listen.*.port | Port number to listen on
|
| services.sympa.domains.<name>.settings | The robot.conf configuration file as key value set
|
| systemd.network.networks.<name>.canConfig | Each attribute in this set specifies an option in the
[CAN] section of the unit
|
| systemd.network.networks.<name>.pieConfig | Each attribute in this set specifies an option in the
[PIE] section of the unit
|
| systemd.network.netdevs.<name>.fooOverUDPConfig | Each attribute in this set specifies an option in the
[FooOverUDP] section of the unit
|
| services.borgbackup.repos.<name>.path | Where to store the backups
|
| security.pam.services.<name>.logFailures | Whether to log authentication failures in /var/log/faillog.
|