| services.syncthing.package | The syncthing package to use.
|
| services.matrix-tuwunel.settings.global.server_name | The server_name is the name of this server
|
| services.murmur.group | The name of an existing group to use to run the service
|
| services.nfs.server.lockdPort | Use a fixed port for the NFS lock manager kernel module
(lockd/nlockmgr)
|
| services.outline.discordAuthentication.serverId | Restrict logins to a specific server (optional, but recommended)
|
| services.physlock.lockOn.suspend | Whether to lock screen with physlock just before suspend.
|
| services.rss2email.feeds | The feeds to watch.
|
| services.maubot.settings.admins | List of administrator users
|
| services.nextcloud.enable | Whether to enable nextcloud.
|
| services.nostr-rs-relay.package | The nostr-rs-relay package to use.
|
| services.opengfw.settings.ruleset.geoip | Path to geoip.dat.
|
| services.pcscd.plugins | Plugin packages to be used for PCSC-Lite.
|
| services.pleroma.configs | Pleroma public configuration
|
| services.prometheus.exporters.exportarr-radarr.package | The exportarr package to use.
|
| services.prosody.s2sInsecureDomains | Some servers have invalid or self-signed certificates
|
| services.lifecycled.cloudwatchGroup | Write logs to a specific Cloudwatch Logs group.
|
| services.mediawiki.httpd.virtualHost.locations | Declarative location config
|
| services.opkssh.providers | OpenID Connect providers configuration
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.authorization | Optional Authorization header configuration.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.suricata.settings.outputs | Configure the type of alert (and other) logging you would like
|
| services.syncthing.relay.listenAddress | Address to listen on for relay traffic.
|
| services.tor.settings.V3AuthoritativeDirectory | See torrc manual.
|
| services.nginx.sslCiphers | Ciphers to choose from when negotiating TLS handshakes.
|
| services.paperless.package | The paperless-ngx package to use.
|
| services.podgrab.user | User under which Podgrab runs, and which owns the download directory.
|
| services.prometheus.exporters.jitsi.listenAddress | Address to listen on.
|
| services.prometheus.exporters.php-fpm.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.xmpp-alerts.enable | Whether to enable XMPP Web hook service for Alertmanager.
|
| services.slurm.server.flags | Flags passed to slurmctld daemon, see slurmctld(8)
|
| services.strongswan-swanctl.swanctl.connections.<name>.ppk_id | String identifying the Postquantum Preshared Key (PPK) to be used.
|
| services.local-content-share.openFirewall | Whether to automatically open the specified port in the firewall
|
| services.mysql.ensureUsers.*.ensurePermissions | Permissions to ensure for the user, specified as attribute set
|
| services.nextcloud.settings.mail_smtpsecure | This depends on mail_smtpmode
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.spark.worker.enable | Whether to enable Spark worker service.
|
| services.thanos.sidecar.http-address | Listen host:port for HTTP endpoints
|
| services.mautrix-discord.dataDir | Directory to store the bridge's configuration and database files
|
| services.prometheus.exporters.domain.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.domain.openFirewall is true.
|
| services.prometheus.exporters.postfix.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.postfix.openFirewall
is true
|
| services.reposilite.settings.sslPort | SSL port to bind to
|
| services.restic.backups.<name>.package | The restic package to use.
|
| services.shadowsocks.pluginOpts | Options to pass to the plugin if one was specified
|
| services.nsd.remoteControl.controlKeyFile | Path to the client private key, which is used by nsd-control
but not by the server
|
| services.prometheus.exporters.exportarr-readarr.environment | See the configuration guide for available options.
|
| services.olivetin.settings.ListenAddressSingleHTTPFrontend | The address to listen on for the internal "microproxy" frontend.
|
| services.prometheus.exporters.nats.group | Group under which the nats exporter shall be run.
|
| services.prometheus.exporters.nut.nutServer | Hostname or address of the NUT server
|
| services.szurubooru.client.package | The client package to use.
|
| services.taler.exchange.settings | Configuration options for the taler exchange config file
|
| services.taskserver.debug | Logs debugging information.
|
| services.postgresqlWalReceiver.receivers.<name>.slot | Require pg_receivewal to use an existing replication slot (see
Section 26.2.6 of the PostgreSQL manual)
|
| services.pptpd.serverIp | The server-side IP address.
|
| services.tahoe.nodes.<name>.sftpd.enable | Whether to enable SFTP service.
|
| services.tor.tsocks.server | IP address of TOR client to use.
|
| services.movim.precompressStaticFiles.brotli.package | The brotli package to use.
|
| services.mtr-exporter.port | Listen port for MTR exporter.
|
| services.newt.blueprint | Blueprint for declarative settings, see Newt Blueprint docs for more information.
|
| services.prometheus.exporters.mongodb.listenAddress | Address to listen on.
|
| services.prometheus.exporters.rtl_433.rtl433Flags | Flags passed verbatim to rtl_433 binary
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.refresh_interval | Refresh interval to re-read the managed targets list
|
| services.thanos.compact.objstore.config-file | Path to YAML file that contains object store configuration
|
| services.peerflix.stateDir | Peerflix state directory.
|
| services.undervolt.enable | Whether to enable Undervolting service for Intel CPUs
|
| services.monica.nginx.locations.<name>.index | Adds index directive.
|
| services.nginx.virtualHosts.<name>.locations.<name>.index | Adds index directive.
|
| services.openafsServer.roles.fileserver.enable | Fileserver role, serves files and volumes from its local storage.
|
| services.postgrey.whitelistClients | Client address whitelist files (see postgrey(8))
|
| services.netdata.python.recommendedPythonPackages | Whether to enable a set of recommended Python plugins
by installing extra Python packages.
|
| services.prometheus.scrapeConfigs.*.relabel_configs.*.action | Action to perform based on regex matching
|
| services.radvd.enable | Whether to enable the Router Advertisement Daemon
(radvd), which provides link-local
advertisements of IPv6 router addresses and prefixes using
the Neighbor Discovery Protocol (NDP)
|
| services.movim.h2o.host | Set the host address for this virtual host
|
| services.prosody.modules.uptime | Report how long server has been running
|
| services.mastodon.package | The mastodon package to use.
|
| services.mediawiki.httpd.virtualHost.servedDirs | This option provides a simple way to serve static directories.
|
| services.newt.settings | Settings for Newt module, see Newt CLI docs for more information.
|
| services.oink.settings.ttl | The TTL ("Time to Live") value to set for your DNS records
|
| services.prometheus.remoteWrite.*.metadata_config.send_interval | How frequently metric metadata is sent to remote storage.
|
| services.scion.scion-ip-gateway.config | scion-ip-gateway daemon configuration
|
| services.unit.group | Group account under which unit runs.
|
| services.prometheus.exporters.node.port | Port to listen on.
|
| services.netbird.clients.<name>.config | Additional configuration that exists before the first start and
later overrides the existing values in config.json
|
| services.nipap.enable | Whether to enable global Neat IP Address Planner (NIPAP) configuration.
|
| services.snmpd.configFile | Path to the snmpd.conf file
|
| services.nginx.appendConfig | Configuration lines appended to the generated Nginx
configuration file
|
| services.strongswan-swanctl.swanctl.secrets.ecdsa.<name>.file | File name in the ecdsa folder for which this
passphrase should be used.
|
| services.timesyncd.extraConfig | Extra config options for systemd-timesyncd
|
| services.tor.settings.BridgeAuthoritativeDir | See torrc manual.
|
| services.meilisearch.package | The meilisearch package to use
|
| services.nebula.networks.<name>.staticHostMap | The static host map defines a set of hosts with fixed IP addresses on the internet (or any network)
|
| services.prometheus.exporters.unbound.port | Port to listen on.
|
| services.tor.settings.KeyDirectoryGroupReadable | See torrc manual.
|
| services.mediawiki.httpd.virtualHost.sslServerKey | Path to server SSL certificate key.
|
| services.neo4j.ssl.policies.<name>.privateKey | The name of private PKCS #8 key file for this policy to be found
in the baseDirectory, or the absolute path to
the key file
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.basic_auth.username | HTTP username
|
| services.public-inbox.enable | Whether to enable the public-inbox mail archiver.
|
| services.sysstat.enable | Whether to enable sar system activity collection.
|
| services.netdata.package | The netdata package to use.
|
| services.prometheus.exporters.influxdb.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.influxdb.openFirewall is true.
|
| services.prometheus.exporters.pve.collectors.node | Collect PVE node info
|