| services.ytdl-sub.instances.<name>.readWritePaths | List of paths that ytdl-sub can write to.
|
| services.fluidd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.gancio.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.akkoma.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.matomo.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.monica.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| users.extraUsers.<name>.description | A short description of the user account, typically the
user's full name
|
| services.borgbackup.jobs.<name>.doInit | Run borg init if the
specified repo does not exist
|
| services.fedimintd.<name>.nginx.config.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.anubis.instances.<name>.settings.POLICY_FNAME | The policy file to use
|
| users.users.<name>.isSystemUser | Indicates if the user is a system user or not
|
| services.drupal.sites.<name>.virtualHost.logFormat | Log format for Apache's log files
|
| services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.firewalld.services.<name>.ports.*.port | |
| services.dokuwiki.sites.<name>.extraConfigs | Path(s) to additional configuration files that are then linked to the 'conf' directory.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| services.fedimintd.<name>.nginx.path_ui | Path to host the built-in UI on and forward to the daemon's api port
|
| services.borgbackup.jobs.<name>.extraArgs | Additional arguments for all borg calls the
service has
|
| services.snipe-it.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.anubis.instances.<name>.extraFlags | A list of extra flags to be passed to Anubis.
|
| services.syncoid.commands.<name>.service | Systemd configuration specific to this syncoid service.
|
| services.nginx.upstreams.<name>.extraConfig | These lines go to the end of the upstream verbatim.
|
| services.tarsnap.archives.<name>.verbose | Whether to produce verbose logging output.
|
| services.vault-agent.instances.<name>.enable | Whether to enable this vault-agent instance.
|
| services.mailpit.instances.<name>.max | Maximum number of emails to keep
|
| security.wrappers.<name>.group | The group of the wrapper program.
|
| security.wrappers.<name>.owner | The owner of the wrapper program.
|
| services.postfix.masterConfig.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|
| services.syncoid.commands.<name>.target | Target ZFS dataset
|
| services.orangefs.server.fileSystems.<name>.id | File system ID (must be unique within configuration).
|
| services.snapper.configs.<name>.ALLOW_GROUPS | List of groups allowed to operate with the config
|
| services.rspamd.overrides.<name>.enable | Whether this file overrides should be generated
|
| services.openssh.knownHosts.<name>.publicKey | The public key data for the host
|
| security.pam.services.<name>.kwallet.package | The kwallet-pam package to use.
|
| services.sabnzbd.settings.servers.<name>.ssl | Whether the server supports TLS
|
| services.znapzend.zetup.<name>.mbuffer.enable | Whether to use mbuffer.
|
| services.blockbook-frontend.<name>.rpc.url | URL for JSON-RPC connections.
|
| services.jupyterhub.kernels.<name>.env | Environment variables to set for the kernel.
|
| services.prosody.virtualHosts.<name>.enabled | Whether to enable the virtual host
|
| services.sanoid.datasets.<name>.autosnap | Whether to automatically take snapshots.
|
| services.webhook.hooks.<name>.execute-command | The command that should be executed when the hook is triggered.
|
| services.wstunnel.clients.<name>.connectTo | Server address and port to connect to.
|
| services.httpd.virtualHosts.<name>.forceSSL | Whether to add a separate nginx server block that permanently redirects (301)
all plain HTTP traffic to HTTPS
|
| services.anubis.instances | An attribute set of Anubis instances
|
| environment.etc.<name>.text | Text of the file.
|
| services.nebula.networks.<name>.tun.disable | When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root).
|
| networking.sits.<name>.local | The address of the local endpoint which the remote
side should send packets to.
|
| services.drupal.sites.<name>.virtualHost.http2 | Whether to enable HTTP 2
|
| services.gitlab-runner.services.<name>.dockerImage | Docker image to be used.
|
| services.drupal.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.neo4j.ssl.policies.<name>.tlsVersions | Restrict the TLS protocol versions of this policy to those
defined here.
|
| services.wyoming.piper.servers.<name>.speaker | ID of a specific speaker in a multi-speaker model.
|
| networking.jool.nat64 | Definitions of NAT64 instances of Jool
|
| services.wyoming.piper.servers.<name>.lengthScale | Phoneme length value.
|
| services.akkoma.frontends.<name>.package | Akkoma frontend package.
|
| services.sanoid.templates.<name>.monthly | Number of monthly snapshots.
|
| services.vdirsyncer.jobs.<name>.configFile | existing configuration file
|
| services.spiped.config.<name>.resolveRefresh | Resolution refresh time for the target socket, in seconds.
|
| power.ups.users.<name>.instcmds | Let the user initiate specific instant commands
|
| services.headscale.settings.dns.extra_records.*.name | DNS record name.
|
| networking.vswitches.<name>.interfaces.<name>.vlan | Vlan tag to apply to interface
|
| networking.vswitches.<name>.interfaces.<name>.type | Openvswitch type to assign to interface
|
| services.github-runners.<name>.nodeRuntimes | List of Node.js runtimes the runner should support.
|
| services.caddy.virtualHosts.<name>.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.quicktun.<name>.remoteAddress | IP address or hostname of the remote end (use 0.0.0.0 for a floating/dynamic remote endpoint).
|
| services.inadyn.settings.custom.<name>.ddns-path | DDNS server path
|
| services.wstunnel.servers.<name>.listen | Address and port to listen on
|
| boot.initrd.luks.devices.<name>.gpgCard | The option to use this LUKS device with a GPG encrypted luks password by the GPG Smartcard
|
| services.kanata.keyboards.<name>.config | Configuration other than defcfg
|
| services.wordpress.sites.<name>.poolConfig | Options for the WordPress PHP pool
|
| services.sabnzbd.settings.servers.<name>.host | Hostname of the server
|
| services.sabnzbd.settings.servers.<name>.port | Port of the server
|
| services.rsync.jobs.<name>.destination | Destination directory.
|
| services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.v4l2-relayd.instances.<name>.enable | Whether to enable this v4l2-relayd instance.
|
| services.rke2.autoDeployCharts.<name>.version | The version of the Helm chart
|
| services.wordpress.sites.<name>.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.openssh.knownHosts.<name>.extraHostNames | A list of additional host names and/or IP numbers used for
accessing the host's ssh service
|
| services.wstunnel.servers.<name>.useACMEHost | Use a certificate generated by the NixOS ACME module for the given host
|
| services.rshim.device | Specify the device name to attach
|
| services.easytier.instances.<name>.settings.hostname | Hostname shown in peer list and web console.
|
| services.gitlab-runner.services.<name>.buildsDir | Absolute path to a directory where builds will be stored
in context of selected executor (Locally, Docker, SSH).
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| boot.specialFileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| services.acme-dns.settings.general.nsname | Zone name server.
|
| services.wstunnel.servers.<name>.enableHTTPS | Use HTTPS for the tunnel server.
|
| services.errbot.instances.<name>.plugins | List of errbot plugin derivations.
|
| services.restic.backups.<name>.inhibitsSleep | Prevents the system from sleeping while backing up.
|
| services.grafana.provision.alerting.muteTimings.settings.muteTimes.*.name | Name of the mute time interval, must be unique
|
| services.nginx.virtualHosts.<name>.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| security.acme.certs.<name>.profile | The certificate profile to choose if the CA offers multiple profiles.
|
| power.ups.ups.<name>.shutdownOrder | When you have multiple UPSes on your system, you usually need to
turn them off in a certain order. upsdrvctl shuts down all the
0s, then the 1s, 2s, and so on
|
| services.davis.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.davis.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.slskd.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.movim.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.movim.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.slskd.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| programs.neovim.runtime.<name>.text | Text of the file.
|
| services.easytier.instances.<name>.settings.network_name | EasyTier network name.
|