| services.rauc.slots.<name>.*.type | The type of the device.
|
| services.syncthing.relay.enable | Whether to enable Syncthing relay service.
|
| services.maddy.package | The maddy package to use.
|
| services.nextcloud.secretFile | Secret options which will be appended to Nextcloud's config.php file (written as JSON, in the same
form as the services.nextcloud.settings option), for example
{"redis":{"password":"secret"}}.
|
| services.ombi.package | The ombi package to use.
|
| services.printing.allowFrom | From which hosts to allow unconditional access.
|
| services.sickbeard.package | The sickbeard package to use
|
| services.solanum.enable | Whether to enable Solanum IRC daemon.
|
| services.taskserver.user | User for Taskserver.
|
| services.misskey.reverseProxy.webserver.nginx.listen.*.extraParameters | Extra parameters of this listen directive.
|
| services.postgres-websockets.environment.PGWS_HOST | Address the server will listen for websocket connections.
|
| services.lxd-image-server.group | Group assigned to the user and the webroot directory.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.monica.nginx.listen.*.proxyProtocol | Enable PROXY protocol.
|
| services.snipe-it.database.name | Database name.
|
| services.tcsd.user | User account under which tcsd runs.
|
| services.passSecretService.package | The pass-secret-service package to use.
|
| services.n8n.environment.N8N_USER_FOLDER | Provide the path where n8n will create the .n8n folder
|
| services.netdata.deadlineBeforeStopSec | In order to detect when netdata is misbehaving, we run a concurrent task pinging netdata (wait-for-netdata-up)
in the systemd unit
|
| services.mqtt2influxdb.mqtt.host | Host where MQTT server is running.
|
| services.prometheus.exporters.imap-mailstat.accounts.<name>.serveraddress | mailserver name or address
|
| services.pdfding.backup.endpoint | The s3 endpoint for backups
|
| services.podgrab.enable | Whether to enable Podgrab, a self-hosted podcast manager.
|
| services.pretalx.gunicorn.extraArgs | Extra arguments to pass to gunicorn
|
| services.prosody.muc.*.roomLockTimeout | Timeout after which the room is destroyed or unlocked if not
configured, in seconds
|
| services.radicle.httpd.nginx.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.prometheus.exporters.ping.extraFlags | Extra commandline options to pass to the ping exporter.
|
| services.prometheus.exporters.statsd.listenAddress | Address to listen on.
|
| services.prometheus.scrapeConfigs.*.gce_sd_configs.*.zone | The zone of the scrape targets
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.refresh_interval | Refresh interval to re-read the managed targets list
|
| services.sabnzbd.settings.ntfosd.ntfosd_enable | Whether to enable NotifyOSD alerts
|
| services.mchprs.settings.motd | Message of the day
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.oauth2.client_id | OAuth client ID.
|
| services.qui.openFirewall | Whether or not to open ports in the firewall for qui.
|
| services.mediatomb.uuid | A unique (on your network) to identify the server by.
|
| services.openssh.knownHosts | Alias of programs.ssh.knownHosts.
|
| services.prometheus.exporters.ping.user | User name under which the ping exporter shall be run.
|
| services.tt-rss.updateDaemon.commandFlags | Command-line flags passed to the update daemon
|
| services.mollysocket.settings.port | Listening port of the web server
|
| services.pinchflat.user | User account under which Pinchflat runs.
|
| services.tahoe.nodes.<name>.tub.port | The port on which the tub will listen
|
| services.minidlna.settings.wide_links | Set this to yes to allow symlinks that point outside user-defined media_dir.
|
| services.postfix.headerChecks.*.pattern | A regexp pattern matching the header
|
| services.prometheus.exporters.unpoller.controllers | List of Unifi controllers to poll
|
| services.rspamd.overrides.<name>.text | Text of the file.
|
| services.shadowsocks.password | Password for connecting clients.
|
| services.suricata.settings.vars.address-groups.SMTP_SERVERS | SMTP_SERVERS variable.
|
| services.syncthing.group | The group to run Syncthing under
|
| services.murmur.port | Ports to bind to (UDP and TCP).
|
| services.playerctld.enable | Whether to enable the playerctld daemon.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.oauth2.client_secret | OAuth client secret.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.mark_out | Netfilter mark and mask for output traffic
|
| services.postfix.settings.master.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|
| services.routedns.settings | Configuration for RouteDNS, see https://github.com/folbricht/routedns/blob/master/doc/configuration.md
for more information.
|
| services.nix-store-gcs-proxy.<name>.enable | Whether to enable proxy for this bucket
|
| services.olivetin.user | The user account under which OliveTin runs.
|
| services.prometheus.exporters.json.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.json.openFirewall is true.
|
| services.prometheus.exporters.smartctl.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.smartctl.openFirewall is true.
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.rmfakecloud.logLevel | Logging level.
|
| services.powerdns.enable | Whether to enable PowerDNS domain name server.
|
| services.mbpfan.enable | Whether to enable mbpfan, fan controller daemon for Apple Macs and MacBooks.
|
| services.nextcloud-spreed-signaling.settings.etcd.endpoints | List of static etcd endpoints to connect to.
|
| services.nginx.sslDhparam | Path to DH parameters file.
|
| services.mobilizon.settings.":mobilizon"."Mobilizon.Storage.Repo".username | User used to connect to the database
|
| services.moosefs.chunkserver.openFirewall | Whether to automatically open required firewall ports for chunkserver service.
|
| services.prometheus.exporters.imap-mailstat.oldestUnseenDate | Enable metric with timestamp of oldest unseen mail
|
| services.thanos.query.query.auto-downsampling | Enable automatic adjustment (step / 5) to what source of data should
be used in store gateways if no
max_source_resolution param is specified.
|
| services.limesurvey.httpd.virtualHost.robotsEntries | Specification of pages to be ignored by web crawlers
|
| services.opensnitch.settings.InterceptUnknown | Whether to intercept spare connections.
|
| services.prometheus.exporters.collectd.collectdBinary.port | Network address on which to accept collectd binary network packets.
|
| services.mirakurun.tunerSettings | Options which are added to tuners.yml
|
| services.peering-manager.ldapConfigPath | Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py
|
| services.rsync.jobs.<name>.sources | Source directories.
|
| services.sanoid.extraArgs | Extra arguments to pass to sanoid
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.if_id_out | XFRM interface ID set on outbound policies/SA
|
| services.lokinet.settings.dns.upstream | Upstream resolver(s) to use as fallback for non-loki addresses
|
| services.misskey.redis.createLocally | Create and use a local Redis instance
|
| services.restic.backups.<name>.rcloneConfig | Configuration for the rclone remote being used for backup
|
| services.rspamd.group | Group to use when no root privileges are required.
|
| services.udev.extraHwdb | Additional hwdb files
|
| services.mastodon.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.mastodon.smtp.user | SMTP login name.
|
| services.matomo.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.mediawiki.httpd.virtualHost.http2 | Whether to enable HTTP 2
|
| services.snipe-it.mail.replyTo.name | Mail "reply-to" name.
|
| services.thanos.downsample.log.level | Log filtering level
|
| services.sssd.sshAuthorizedKeysIntegration | Whether to make sshd look up authorized keys from SSS
|
| services.paperless.enable | Whether to enable Paperless-ngx
|
| services.prometheus.exporters.idrac.user | User name under which the idrac exporter shall be run.
|
| services.openssh.settings.X11Forwarding | Whether to allow X11 connections to be forwarded.
|
| services.outline.discordAuthentication.clientId | Authentication client identifier.
|
| services.radarr.enable | Whether to enable Radarr, a UsetNet/BitTorrent movie downloader.
|
| services.mainsail.nginx.kTLS | Whether to enable kTLS support
|
| services.movim.precompressStaticFiles.gzip.enable | Whether to enable Gzip precompression.
|
| services.outline.oidcAuthentication.displayName | Display name for OIDC authentication.
|
| services.snowflake-proxy.stun | STUN broker URL (default "stun:stun.stunprotocol.org:3478")
|
| services.thanos.rule.query.addresses | Addresses of statically configured query API servers
|
| services.tmate-ssh-server.advertisedPort | External port advertised to clients
|
| services.matrix-tuwunel.settings.global.address | Addresses (IPv4 or IPv6) to listen on for connections by the reverse proxy/tls terminator
|