| services.crowdsec.settings.console.configuration | Attributes inside the console.yaml file.
|
| systemd.mounts.*.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.paths.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.hebbot.templates.section | A path to the Markdown file for the section template.
|
| services.hebbot.templates.project | A path to the Markdown file for the project template.
|
| services.misskey.settings.chmodSocket | The file access mode of the UNIX socket.
|
| services.xserver.logFile | Controls the file Xorg logs to
|
| services.httpd.virtualHosts.<name>.sslServerChain | Path to server SSL chain file.
|
| services.slurm.extraPlugstackConfig | Extra configuration that will be added to the end of plugstack.conf.
|
| services.xserver.serverLayoutSection | Contents of the ServerLayout section of the X server configuration file.
|
| services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| services.lanraragi.passwordFile | A file containing the password for LANraragi's admin interface.
|
| services.keepalived.extraConfig | Extra lines to be added verbatim to the configuration file.
|
| services.postgresql.checkConfig | Check the syntax of the configuration file at compile time
|
| services.longview.mysqlPasswordFile | A file containing the password corresponding to mysqlUser.
|
| services.zoneminder.extraConfig | Additional configuration added verbatim to the configuration file.
|
| services.wiki-js.environmentFile | Environment file to inject e.g. secrets into the configuration.
|
| services.canaille.ldapBindPasswordFile | File containing the LDAP bind password.
|
| services.cloudlog.update-dok.enable | Whether to periodically update the DOK resource file
|
| services.coturn.listening-ips | Listener IP addresses of relay server
|
| security.tpm2.fapi.ekCertLess | A switch to disable Endorsement Key (EK) certificate verification
|
| services.journald.remote.settings.Remote.ServerCertificateFile | A path to a SSL certificate file in PEM format
|
| services.duplicity.secretFile | Path of a file containing secrets (gpg passphrase, access key...) in
the format of EnvironmentFile as described by
systemd.exec(5)
|
| services.reaction.settings | Configuration for reaction
|
| services.nsd.remoteControl.serverCertFile | Path to the server self signed certificate, which is used by the server
but and by nsd-control
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.oncall.secretFile | A YAML file containing secrets such as database or user passwords
|
| services.cross-seed.settings.dataDirs | Paths to be searched for matching data
|
| services.postfix-tlspol.settings | The postfix-tlspol configuration file as a Nix attribute set
|
| security.acme.defaults.webroot | Where the webroot of the HTTP vhost is located.
.well-known/acme-challenge/ directory
will be created below the webroot if it doesn't exist.
http://example.org/.well-known/acme-challenge/ must also
be available (notice unencrypted HTTP).
|
| services.mx-puppet-discord.settings | config.yaml configuration as a Nix attribute set
|
| services.searx.faviconsSettings | Favicons settings for SearXNG.
|
| services.deepin.deepin-anything.enable | Whether to enable deepin anything file search tool.
|
| security.pam.services.<name>.logFailures | Whether to log authentication failures in /var/log/faillog.
|
| services.dolibarr.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.librenms.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.kanboard.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.fediwall.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.agorakit.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.pixelfed.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.mainsail.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.snipe-it.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.rke2.images | List of derivations that provide container images
|
| services.portunus.ldap.tls | Whether to enable LDAPS protocol
|
| services.gns3-server.auth.passwordFile | A file containing the password to access the GNS3 Server.
This should be a string, not a nix path, since nix paths
are copied into the world-readable nix store.
|
| security.pam.services.<name>.sshAgentAuth | If set, the calling user's SSH agent is used to authenticate
against the keys in the calling user's
~/.ssh/authorized_keys
|
| services.suwayomi-server.settings | Configuration to write to server.conf
|
| services.mediawiki.passwordFile | A file containing the initial password for the administrator account "admin".
|
| services.guacamole-server.logbackXml | Configuration file that correspond to logback.xml.
|
| services.guacamole-client.logbackXml | Configuration file that correspond to logback.xml.
|
| services.thanos.query.store.sd-interval | Refresh interval to re-read file SD files
|
| users.ldap.daemon.rootpwmodpwFile | The path to a file containing the credentials with which to bind to
the LDAP server if the root user tries to change a user's password.
|
| services.tandoor-recipes.extraConfig | Extra tandoor recipes config options
|
| services.slurm.dbdserver.extraConfig | Extra configuration for slurmdbd.conf See also:
slurmdbd.conf(8).
|
| services.borgbackup.jobs.<name>.preHook | Shell commands to run before the backup
|
| services.headscale.settings | Overrides to config.yaml as a Nix attribute set
|
| services.caddy.enableReload | Reload Caddy instead of restarting it when configuration file changes
|
| services.drupal.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| services.radicle.httpd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.jenkins.jobBuilder.accessTokenFile | File containing the API token for the accessUser
user.
|
| services.openssh.settings.StrictModes | Whether sshd should check file modes and ownership of directories
|
| services.journald.gateway.trust | Specify the path to a file or AF_UNIX stream socket to read a CA
certificate from
|
| services.prosody.uploadHttp.uploadFileSizeLimit | Maximum file size, in bytes
|
| services.ncps.cache.storage.s3.secretAccessKeyPath | The path to a file containing only the secret-access-key.
|
| services.fail2ban.daemonSettings | The contents of Fail2ban's main configuration file
|
| services.zabbixWeb.httpd.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.iodine.clients.<name>.passwordFile | Path to a file containing the password.
|
| services.restic.backups.<name>.passwordFile | Read the repository password from a file.
|
| services.quickwit.settings.version | Configuration file version.
|
| services.fusionInventory.extraConfig | Configuration that is injected verbatim into the configuration file.
|
| services.thinkfan.fans.*.query | The query string used to match one or more fans: can be
a fullpath to the temperature file (single fan) or a fullpath
to a driver directory (multiple fans).
When multiple fans match, the query can be restricted using the
name or indices options.
|
| services.transmission.settings.script-torrent-done-filename | Executable to be run at torrent completion.
|
| services.weblate.djangoSecretKeyFile | Location of the Django secret key
|
| services.reposilite.settings | Configuration written to the reposilite.cdn file
|
| services.windmill.database.urlPath | Path to the file containing the database url windmill should connect to
|
| services.icingaweb2.roles | roles.ini contents
|
| services.nsd.remoteControl.controlKeyFile | Path to the client private key, which is used by nsd-control
but not by the server
|
| services.tuned.settings.sections | attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string))
|
| services.hqplayerd.licenseFile | Path to the HQPlayer license key file
|
| services.prometheus.exporters.unpoller.controllers.*.pass | Path of a file containing the password for the unifi service user
|
| services.pgbouncer.settings.pgbouncer.max_client_conn | Maximum number of client connections allowed
|
| services.peering-manager.oidcConfigPath | Path to the Configuration-File for OIDC-Authentication, will be loaded as oidc_config.py
|
| services.openiscsi.extraConfigFile | Append an additional file's contents to /etc/iscsid.conf
|
| services.peering-manager.ldapConfigPath | Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py
|
| security.agnos.generateKeys.enable | Enable automatic generation of account keys
|
| security.pam.services.<name>.setLoginUid | Set the login uid of the process
(/proc/self/loginuid) for auditing
purposes
|
| services.transmission.settings.trash-original-torrent-files | Whether to delete torrents added from the
services.transmission.settings.watch-dir.
|
| security.auditd.plugins.<name>.settings | Plugin-specific config file to link to /etc/audit/.conf
|
| services.caddy.adapter | Name of the config adapter to use
|
| services.prometheus.webConfigFile | Specifies which file should be used as web.config.file and be passed on startup
|
| services.pulseaudio.extraConfig | Literal string to append to configFile
and the config file generated by the pulseaudio module.
|
| services.zammad.database.passwordFile | A file containing the password for services.zammad.database.user.
|
| systemd.user.paths.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.foundationdb.tls.key | Private key file for the certificate.
|
| services.syncthing.guiPasswordFile | Path to file containing the plaintext password for Syncthing's GUI.
|
| services.webdav.settings | Attrset that is converted and passed as config file
|
| services.sshwifty.socks5PasswordFile | Path to a file containing the SOCKS5 password.
|
| services.nextcloud.datadir | Nextcloud's data storage path
|
| services.vaultwarden.environmentFile | Additional environment file or files as defined in systemd.exec(5)
|