| services.mosquitto.listeners.*.settings | Additional settings for this listener.
|
| services.mpdscribble.endpoints.<name>.username | Username for the scrobble service.
|
| services.nezha-agent.enable | Whether to enable Agent of Nezha Monitoring.
|
| services.openssh.allowSFTP | Whether to enable the SFTP subsystem in the SSH daemon
|
| services.suricata.settings.vars.address-groups.TELNET_SERVERS | TELNET_SERVERS variable.
|
| services.tt-rss.phpPackage | php package to use for php fpm and update daemon.
|
| services.ocserv.config | Configuration content to start an OCServ server
|
| services.matrix-tuwunel.stateDirectory | The name of the directory under /var/lib/ where the database will be stored
|
| services.typesense.apiKeyFile | Sets the admin api key for typesense
|
| services.prometheus.scrapeConfigs.*.gce_sd_configs.*.refresh_interval | Refresh interval to re-read the cloud instance list
|
| services.prometheus.alertmanager.configText | Alertmanager configuration as YAML text
|
| services.nezha-agent.clientSecretFile | Path to the file contained the client_secret of the dashboard.
|
| services.postgrey.IPv6CIDR | Strip N bits from IPv6 addresses if lookupBySubnet is true
|
| services.rustus.storage.s3_region | S3 region name.
|
| services.sympa.domains.<name>.webLocation | URL path part of the web interface.
|
| services.murmur.password | Required password to join server, if specified.
|
| services.thanos.sidecar.objstore.config-file | Path to YAML file that contains object store configuration
|
| services.sing-box.enable | Whether to enable sing-box universal proxy platform.
|
| services.snipe-it.nginx.locations | Declarative location config
|
| services.linyaps.package | The linyaps package to use.
|
| services.nsd.ratelimit.size | Size of the hashtable
|
| services.prometheus.exporters.lnd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.lnd.openFirewall is true.
|
| services.schleuder.lists | List of list addresses that should be handled by Schleuder
|
| services.smartdns.enable | Whether to enable SmartDNS DNS server.
|
| services.prometheus.exporters.process.user | User name under which the process exporter shall be run.
|
| services.sanoid.datasets.<name>.daily | Number of daily snapshots.
|
| services.lighthouse.beacon.enable | Whether to enable Lightouse Beacon node.
|
| services.nixops-dns.user | The user the nixops-dns daemon should run as
|
| services.openafsClient.cache.blocks | Cache size in 1KB blocks.
|
| services.scrutiny.collector.settings | Collector settings to be rendered into the collector configuration file
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.set_mark_out | Netfilter mark applied to packets after the outbound IPsec SA processed
them
|
| services.sunshine.applications.env | Environment variables to be set for the applications.
|
| services.syncplay.isolateRooms | Enable room isolation.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.module | Optional PKCS#11 module name.
|
| services.thanos.rule.web.external-prefix | Static prefix for all HTML links and redirect URLs in the UI query web
interface
|
| services.monica.nginx.listenAddresses | Listen addresses for this virtual host
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacerts | List of CA certificates to accept for
authentication
|
| services.system76-scheduler.settings.processScheduler.enable | Tweak scheduling of individual processes in real time.
|
| services.memcached.enableUnixSocket | Whether to enable Unix Domain Socket at /run/memcached/memcached.sock instead of listening on an IP address and port
|
| services.strongswan-swanctl.swanctl.authorities.<name>.cacert | The certificates may use a relative path from the swanctl
x509ca directory or an absolute path
|
| services.multipath.devices.*.marginal_path_err_sample_time | One of the four parameters of supporting path check based on accounting IO error such as intermittent error
|
| services.prometheus.exporters.wireguard.openFirewall | Open port in firewall for incoming connections.
|
| services.minecraft-server.enable | If enabled, start a Minecraft Server
|
| services.tor.settings.ReachableDirAddresses | See torrc manual.
|
| services.prometheus.exporters.sabnzbd.servers | List of sabnzbd servers to connect to.
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.teeworlds.game.gameType | The game type to use on the server
|
| services.sabnzbd.group | Group to run the service as
|
| services.transfer-sh.enable | Whether to enable Easy and fast file sharing from the command-line.
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.availability | The availability of the endpoint to connect to
|
| services.redmine.address | IP address Redmine should bind to.
|
| services.roundcube.extraConfig | Extra configuration for roundcube webmail instance
|
| services.logstash.logLevel | Logging verbosity level.
|
| services.prometheus.exporters.unpoller.openFirewall | Open port in firewall for incoming connections.
|
| services.tailscale.derper.port | The port the derper process will listen on
|
| services.orangefs.server.fileSystems.<name>.rootHandle | File system root ID.
|
| services.prometheus.exporters.exportarr-bazarr.apiKeyFile | File containing the api-key.
|
| services.serviio.openFirewall | Open ports in the firewall for the Serviio Media Server.
|
| services.sshguard.blacklist_threshold | Blacklist an attacker when its score exceeds threshold
|
| services.openafsServer.roles.backup.buserverArgs | Arguments to the buserver process
|
| services.prometheus.remoteWrite.*.queue_config | Configures the queue used to write to remote storage.
|
| services.tayga.mappings | Static IPv4 -> IPv6 host mappings.
|
| services.limesurvey.nginx.virtualHost.listen.*.extraParameters | Extra parameters of this listen directive.
|
| services.tt-rss.singleUserMode | Operate in single user mode, disables all functionality related to
multiple users and authentication
|
| services.microsocks.ip | IP on which microsocks should listen
|
| services.nextcloud-whiteboard-server.secrets | A list of files containing the various secrets
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_email_domains | List of email domains to allow access to this vhost, or null to allow all.
|
| services.openssh.settings.UsePAM | Whether to enable PAM authentication.
|
| services.prometheus.exporters.blackbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.blackbox.openFirewall
is true
|
| services.renovate.runtimePackages | Packages available to renovate.
|
| services.tor.settings.ExtendAllowPrivateAddresses | See torrc manual.
|
| services.prometheus.exporters.domain.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.oauth2.client_secret | OAuth client secret.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.entitlement | The entitlement string to filter eligible systems
|
| services.sanoid.datasets.<name>.autosnap | Whether to automatically take snapshots.
|
| services.thanos.query.query.partial-response | Enable partial response for queries if no
partial_response param is specified.
|
| services.lldap.settings.ldap_user_email | Admin email.
|
| services.resilio.downloadLimit | Download speed limit. 0 is unlimited (default).
|
| services.tor.settings.ControlPort | See torrc manual.
|
| services.monero.rpc.password | Password for RPC connections.
|
| services.mysqlBackup.gzipOptions | Command line options to use when invoking gzip
|
| services.pict-rs.package | The pict-rs package to use.
|
| services.prometheus.exporters.bind.bindTimeout | Timeout for trying to get stats from Bind.
|
| services.slurm.server.enable | Whether to enable the slurm control daemon
|
| services.subsonic.httpsPort | The port on which Subsonic will listen for
incoming HTTPS traffic
|
| services.swapspace.settings.buffer_elasticity | Percentage of buffer space considered to be "free"
|
| services.peertube.smtp.passwordFile | Password for smtp server.
|
| services.pptpd.extraPppdOptions | Adds extra lines to the pppd options file.
|
| services.prometheus.exporters.collectd.collectdBinary.authFile | File mapping user names to pre-shared keys (passwords).
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.refresh_interval | The time after which the droplets are refreshed
|
| services.tt-rss.registration.enable | Allow users to register themselves
|
| services.unbound.group | Group under which unbound runs.
|
| services.prometheus.exporters.snmp.enable | Whether to enable the prometheus snmp exporter.
|
| services.roon-server.enable | Whether to enable Roon Server.
|
| services.misskey.database.passwordFile | The path to a file containing the database password
|
| services.pairdrop.environment | Additional configuration (environment variables) for PairDrop, see
https://github.com/schlagmichdoch/PairDrop/blob/master/docs/host-your-own.md#environment-variables
for supported values.
|
| services.prowlarr.settings.update.mechanism | which update mechanism to use
|
| services.redlib.package | The redlib package to use.
|
| services.tor.settings.HTTPTunnelPort | See torrc manual.
|
| services.matomo.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|