| services.rke2.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| services.fedimintd.<name>.api_iroh.port | UDP Port to bind Iroh endpoint for API connections
|
| services.nebula.networks.<name>.settings | Nebula configuration
|
| services.nginx.upstreams.<name>.servers | Defines the address and other parameters of the upstream servers
|
| services.firezone.server.provision.accounts.<name>.auth | All authentication providers to provision
|
| services.dolibarr.nginx.locations.<name>.root | Root directory for requests.
|
| services.agorakit.nginx.locations.<name>.root | Root directory for requests.
|
| services.librenms.nginx.locations.<name>.root | Root directory for requests.
|
| services.kanboard.nginx.locations.<name>.root | Root directory for requests.
|
| services.fediwall.nginx.locations.<name>.root | Root directory for requests.
|
| services.mainsail.nginx.locations.<name>.root | Root directory for requests.
|
| services.pixelfed.nginx.locations.<name>.root | Root directory for requests.
|
| services.wordpress.sites.<name>.database.host | Database host address.
|
| services.wordpress.sites.<name>.database.port | Database host port.
|
| security.pam.services.<name>.kwallet.enable | If enabled, pam_wallet will attempt to automatically unlock the
user's default KDE wallet upon login
|
| services.davis.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.awstats.configs.<name>.webService.enable | Whether to enable awstats web service.
|
| services.movim.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.slskd.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.radicle.httpd.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.radicle.httpd.nginx.locations.<name>.index | Adds index directive.
|
| services.tor.relay.onionServices.<name>.settings | Settings of the onion service
|
| services.netbird.clients.<name>.dns-resolver.port | A port to serve DNS entries on when dns-resolver.address is enabled.
|
| services.netbird.tunnels.<name>.dns-resolver.port | A port to serve DNS entries on when dns-resolver.address is enabled.
|
| services.github-runners.<name>.extraLabels | Extra labels in addition to the default (unless disabled through the noDefaultLabels option)
|
| services.strongswan-swanctl.swanctl.secrets.rsa.<name>.file | File name in the rsa folder for which this passphrase
should be used.
|
| users.users.<name>.isNormalUser | Indicates whether this is an account for a “real” user
|
| services.firewalld.zones.<name>.sourcePorts.*.port | |
| services.ttyd.username | Username for basic http authentication.
|
| services.jupyterhub.kernels.<name>.argv | Command and arguments to start the kernel.
|
| services.blockbook-frontend.<name>.rpc.user | Username for JSON-RPC connections.
|
| services.blockbook-frontend.<name>.rpc.port | Port for JSON-RPC connections.
|
| services.sanoid.datasets.<name>.useTemplate | Names of the templates to use for this dataset.
|
| services.klipper.firmwares.<name>.enable | Whether to enable building of firmware for manual flashing
.
|
| services.fedimintd.<name>.ui.openFirewall | Opens TCP port in firewall for built-in UI
|
| services.public-inbox.inboxes.<name>.inboxdir | The absolute path to the directory which hosts the public-inbox.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.filters | A list of filter to restrict traffic
|
| services.fedimintd.<name>.nginx.config.listen.*.addr | Listen address.
|
| services.gancio.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.nginx.config.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| programs.dms-shell.plugins.<name>.src | Source of the plugin package or path
|
| power.ups.ups.<name>.shutdownOrder | When you have multiple UPSes on your system, you usually need to
turn them off in a certain order. upsdrvctl shuts down all the
0s, then the 1s, 2s, and so on
|
| boot.initrd.luks.devices.<name>.gpgCard.publicKey | Path to the Public Key.
|
| systemd.slices.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.sockets.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.targets.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.timers.<name>.upholds | Keeps the specified running while this unit is running
|
| services.buildkite-agents.<name>.enable | Whether to enable this buildkite agent
|
| services.znapzend.zetup.<name>.destinations.<name>.postsend | Command to run after sending the snapshot to the destination
|
| systemd.services.<name>.confinement.mode | The value full-apivfs (the default) sets up
private /dev, /proc,
/sys, /tmp and /var/tmp file systems
in a separate user name space
|
| services.drupal.sites.<name>.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.autorandr.profiles.<name>.hooks | Profile hook scripts.
|
| services.znapzend.zetup.<name>.recursive | Whether to do recursive snapshots.
|
| services.keepalived.vrrpInstances.<name>.vmacInterface | Name of the vmac interface to use. keepalived will come up with a name
if you don't specify one.
|
| services.tarsnap.archives.<name>.keyfile | Set a specific keyfile for this archive
|
| services.wstunnel.clients.<name>.localToRemote | Listen on local and forwards traffic from remote.
|
| services.prosody.virtualHosts.<name>.extraConfig | Additional virtual host specific configuration
|
| services.fedimintd.<name>.nginx.config.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.tarsnap.archives.<name>.lowmem | Reduce memory consumption by not caching small files
|
| services.wordpress.sites.<name>.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.
|
| services.fedimintd.<name>.nginx.config.default | Makes this vhost the default.
|
| services.snipe-it.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.wordpress.sites.<name>.uploadsDir | This directory is used for uploads of pictures
|
| systemd.services.<name>.restartIfChanged | Whether the service should be restarted during a NixOS
configuration switch if its definition has changed.
|
| services.wordpress.sites.<name>.plugins | Path(s) to respective plugin(s) which are copied from the 'plugins' directory.
These plugins need to be packaged before use, see example.
|
| users.users.<name>.isSystemUser | Indicates if the user is a system user or not
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.address | The address of this resource
|
| services.jibri.xmppEnvironments.<name>.control.muc.roomName | The room name of the MUC to connect to for control.
|
| services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.wordpress.sites.<name>.mergedConfig | Read only representation of the final configuration.
|
| systemd.services.<name>.stopIfChanged | If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one
|
| systemd.user.sockets.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.targets.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.slices.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.user.timers.<name>.upholds | Keeps the specified running while this unit is running
|
| services.fedimintd.<name>.api.openFirewall | Opens port in firewall for fedimintd's api port
|
| services.pgbackrest.stanzas.<name>.jobs | Backups jobs to schedule for this stanza as described in:
https://pgbackrest.org/user-guide.html#quickstart/schedule-backup
|
| services.klipper.firmwares.<name>.serial | Path to serial port this printer is connected to
|
| services.kimai.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.ghostunnel.servers.<name>.key | Path to certificate private key (PEM with private key)
|
| security.pam.services.<name>.ttyAudit.enablePattern | For each user matching one of comma-separated
glob patterns, enable TTY auditing
|
| services.keepalived.vrrpInstances.<name>.virtualIps.*.label | Each address may be tagged with a label string
|
| services.headscale.settings.dns.extra_records.*.name | DNS record name.
|
| environment.etc.<name>.group | Group name of file owner
|
| services.jitsi-videobridge.xmppConfigs.<name>.hostName | Hostname of the XMPP server to connect to
|
| systemd.services.<name>.enableDefaultPath | Whether to append a minimal default PATH environment variable to the service, containing common system utilities.
|
| services.firewalld.zones.<name>.forwardPorts | Ports to forward in the zone.
|
| services.firewalld.zones.<name>.sources.*.ipset | An ipset.
|
| services.nginx.virtualHosts.<name>.locations | Declarative location config
|
| services.vdirsyncer.jobs.<name>.timerConfig | systemd timer configuration
|
| services.radicle.httpd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.geoclue2.appConfig.<name>.desktopID | Desktop ID of the application.
|
| services.openbao.settings.listener.<name>.type | The listener type to enable.
|
| services.public-inbox.settings.coderepo.<name>.dir | Path to a git repository
|
| services.wordpress.sites.<name>.virtualHost.hostName | Canonical hostname for the server.
|
| services.firewalld.services.<name>.version | Version of the service.
|