| services.radicle.ci.broker.settings.db | Database file path.
|
| services.tahoe.nodes.<name>.client.shares.happy | The number of distinct storage nodes required to store
a file.
|
| services.rspamd.workers.<name>.extraConfig | Additional entries to put verbatim into worker section of rspamd config file.
|
| services.radicle.privateKeyFile | Absolute file path to an SSH private key,
usually generated by rad auth
|
| services.outline.storage.storageType | File storage type, it can be local or s3.
|
| services.netbox.keycloakClientSecret | File that contains the keycloak client secret.
|
| services.prosody.modules.proxy65 | Enables a file transfer proxy service which clients behind NAT can use
|
| services.syncoid.commands.<name>.sshKey | SSH private key file to use to login to the remote system
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.xserver.inputClassSections | Content of additional InputClass sections of the X server configuration file.
|
| services.watchdogd.settings | Configuration to put in watchdogd.conf
|
| services.tarsnap.keyfile | The keyfile which associates this machine with your tarsnap
account
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.sourcehut.builds.group | Group for builds.sr.ht
|
| i18n.inputMethod.fcitx5.settings.inputMethod | The input method configure in profile file in ini format.
|
| services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| services.kimai.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| services.icingaweb2.roles | roles.ini contents
|
| services.httpd.virtualHosts.<name>.sslServerChain | Path to server SSL chain file.
|
| services.gotenberg.enableBasicAuth | HTTP Basic Authentication
|
| services.lanraragi.passwordFile | A file containing the password for LANraragi's admin interface.
|
| services.invidious.hmacKeyFile | A path to a file containing the hmac_key
|
| services.agorakit.mail.passwordFile | A file containing the password corresponding to
|
| services.canaille.ldapBindPasswordFile | File containing the LDAP bind password.
|
| services.keepalived.extraConfig | Extra lines to be added verbatim to the configuration file.
|
| services.postgresql.checkConfig | Check the syntax of the configuration file at compile time
|
| services.slurm.extraPlugstackConfig | Extra configuration that will be added to the end of plugstack.conf.
|
| services.teeworlds.extraOptions | Extra configuration lines for the teeworlds.cfg
|
| services.nsd.remoteControl.serverKeyFile | Path to the server private key, which is used by the server
but not by nsd-control
|
| services.postfix.settings.main | The main.cf configuration file as key value set
|
| services.nextcloud.secretFile | Secret options which will be appended to Nextcloud's config.php file (written as JSON, in the same
form as the services.nextcloud.settings option), for example
{"redis":{"password":"secret"}}.
|
| services.longview.mysqlPasswordFile | A file containing the password corresponding to mysqlUser.
|
| services.zoneminder.extraConfig | Additional configuration added verbatim to the configuration file.
|
| services.wiki-js.environmentFile | Environment file to inject e.g. secrets into the configuration.
|
| services.xserver.serverLayoutSection | Contents of the ServerLayout section of the X server configuration file.
|
| services.dnscrypt-proxy.settings | Attrset that is converted and passed as TOML config file
|
| services.k3s.manifests.<name>.target | Name of the symlink (relative to /var/lib/rancher/k3s/server/manifests)
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.autorandr.profiles.<name>.hooks.preswitch | Preswitch hook executed before mode switch.
|
| services.kubernetes.proxy.kubeconfig.caFile | Kubernetes proxy certificate authority file used to connect to kube-apiserver.
|
| services.guacamole-server.logbackXml | Configuration file that correspond to logback.xml.
|
| services.mx-puppet-discord.settings | config.yaml configuration as a Nix attribute set
|
| services.coturn.listening-ips | Listener IP addresses of relay server
|
| boot.loader.limine.validateChecksums | Whether to validate file checksums before booting.
|
| services.guacamole-client.logbackXml | Configuration file that correspond to logback.xml.
|
| security.pam.services.<name>.logFailures | Whether to log authentication failures in /var/log/faillog.
|
| services.duplicity.secretFile | Path of a file containing secrets (gpg passphrase, access key...) in
the format of EnvironmentFile as described by
systemd.exec(5)
|
| services.mailman.ldap.bindPasswordFile | Path to the file containing the bind password of the service account
defined by services.mailman.ldap.bindDn.
|
| services.postfix-tlspol.settings | The postfix-tlspol configuration file as a Nix attribute set
|
| services.sks.webroot | Source directory (will be symlinked, if not null) for the files the
built-in webserver should serve
|
| services.mastodon.redis.passwordFile | A file containing the password for Redis database.
|
| services.sympa.database.passwordFile | A file containing the password for services.sympa.database.name.
|
| services.reaction.settings | Configuration for reaction
|
| services.tahoe.nodes.<name>.client.shares.needed | The number of shares required to reconstitute a file.
|
| services.searx.faviconsSettings | Favicons settings for SearXNG.
|
| services.suwayomi-server.settings | Configuration to write to server.conf
|
| services.mediawiki.passwordFile | A file containing the initial password for the administrator account "admin".
|
| users.users.<name>.linger | Whether to enable or disable lingering for this user
|
| services.rke2.manifests.<name>.target | Name of the symlink (relative to /var/lib/rancher/rke2/server/manifests)
|
| services.rke2.images | List of derivations that provide container images
|
| services.prometheus.exporters.mikrotik.configFile | Path to a mikrotik exporter configuration file
|
| services.libinput.mouse.accelProfile | Sets the pointer acceleration profile to the given profile
|
| services.kubernetes.proxy.kubeconfig.keyFile | Kubernetes proxy client key file used to connect to kube-apiserver.
|
| services.autorandr.profiles.<name>.hooks.predetect | Predetect hook executed before autorandr attempts to run xrandr.
|
| services.beesd.filesystems.<name>.spec | Description of how to identify the filesystem to be duplicated by this
instance of bees
|
| services.journald.remote.settings.Remote.ServerCertificateFile | A path to a SSL certificate file in PEM format
|
| services.vaultwarden.environmentFile | Additional environment file or files as defined in systemd.exec(5)
|
| services.pgbouncer.settings.pgbouncer.max_client_conn | Maximum number of client connections allowed
|
| services.gitea.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.fusionInventory.extraConfig | Configuration that is injected verbatim into the configuration file.
|
| services.hebbot.templates.section | A path to the Markdown file for the section template.
|
| services.iodine.clients.<name>.passwordFile | Path to a file containing the password.
|
| security.pam.services.<name>.sshAgentAuth | If set, the calling user's SSH agent is used to authenticate
against the keys in the calling user's
~/.ssh/authorized_keys
|
| services.borgbackup.jobs.<name>.preHook | Shell commands to run before the backup
|
| services.headscale.settings | Overrides to config.yaml as a Nix attribute set
|
| services.hebbot.templates.project | A path to the Markdown file for the project template.
|
| services.gitDaemon.exportAll | Publish all directories that look like Git repositories (have the objects
and refs subdirectories), even if they do not have the git-daemon-export-ok file
|
| services.fail2ban.daemonSettings | The contents of Fail2ban's main configuration file
|
| services.ncdns.dnssec.keys.public | Path to the file containing the KSK public key
|
| services.thanos.rule.query.sd-interval | Refresh interval to re-read file SD files. (used as a fallback)
Defaults to 5m in Thanos
when set to null.
|
| services.reposilite.settings | Configuration written to the reposilite.cdn file
|
| services.tandoor-recipes.extraConfig | Extra tandoor recipes config options
|
| services.misskey.settings.chmodSocket | The file access mode of the UNIX socket.
|
| services.restic.backups.<name>.passwordFile | Read the repository password from a file.
|
| services.mchprs.whitelist.enable | Whether or not the whitelist (in whitelist.json) shoud be enabled
|
| systemd.slices.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.timers.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.zabbixServer.database.socket | Path to the unix socket file to use for authentication.
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.opentelemetry-collector.configFile | Specify a path to a configuration file that Opentelemetry Collector should use.
|
| services.prometheus.exporters.unpoller.controllers.*.pass | Path of a file containing the password for the unifi service user
|
| services.prometheus.exporters.borgmatic.configFile | The path to the borgmatic config file
|
| services.kubernetes.proxy.kubeconfig.certFile | Kubernetes proxy client certificate file used to connect to kube-apiserver.
|
| services.lldap.settings.ldap_user_pass_file | Path to a file containing the default admin password
|
| services.deepin.deepin-anything.enable | Whether to enable deepin anything file search tool.
|
| services.peering-manager.oidcConfigPath | Path to the Configuration-File for OIDC-Authentication, will be loaded as oidc_config.py
|
| services.dnscrypt-proxy2.settings | Attrset that is converted and passed as TOML config file
|
| security.auditd.plugins.<name>.settings | Plugin-specific config file to link to /etc/audit/.conf
|
| boot.loader.systemd-boot.windows.<name>.sortKey | systemd-boot orders the menu entries by their sort keys,
so if you want something to appear after all the NixOS entries,
it should start with o or onwards
|
| services.cloudlog.update-dok.enable | Whether to periodically update the DOK resource file
|