| services.exim.user | User to use when no root privileges are required
|
| services.localtimed.enable | Enable localtimed, a simple daemon for keeping the
system timezone up-to-date based on the current location
|
| services.localtimed.geoclue2Package | The Geoclue2 package to use.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_port | Local UDP port for IKE communication
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_addrs | Local address(es) to use for IKE communication
|
| programs.proxychains.localnet | By default enable localnet for loopback address ranges.
|
| services.matrix-appservice-irc.localpart | The user_id localpart to assign to the appservice
|
| services.nextjs-ollama-llm-ui.hostname | The hostname under which the Ollama UI interface should be accessible
|
| services.outline.redisUrl | Connection to a redis server
|
| services.foundationdb.locality | FoundationDB locality settings.
|
| boot.loader.grub.users | User accounts for GRUB
|
| services.matrix-appservice-discord.localpart | The user_id localpart to assign to the AS.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.auth | Authentication to perform locally.
- The default
pubkey uses public key authentication
using a private key associated to a usable certificate.
psk uses pre-shared key authentication.- The IKEv1 specific
xauth is used for XAuth or Hybrid
authentication,
- while the IKEv2 specific
eap keyword defines EAP
authentication.
- For
xauth, a specific backend name may be appended,
separated by a dash
|
| services.resolved.llmnr | Controls Link-Local Multicast Name Resolution support
(RFC 4795) on the local host
|
| services.firefly-iii.settings.APP_ENV | The app environment
|
| services.mpdscribble.passwordFile | File containing the password for the mpd daemon
|
| services.mlmmj.user | mailinglist local user
|
| services.fider.database.url | URI to use for the main PostgreSQL database
|
| services.foundationdb.locality.zoneId | Zone identifier key
|
| services.mlmmj.group | mailinglist local group
|
| services.foundationdb.locality.dataHall | Data hall identifier key
|
| services.outline.databaseUrl | URI to use for the main PostgreSQL database
|
| services.ntopng.redis.createInstance | Local Redis instance name
|
| services.cockroachdb.locality | An ordered, comma-separated list of key-value pairs that describe the
topography of the machine
|
| nix.firewall.allowPrivateNetworks | Whether to allow traffic to local networks
|
| power.ups.mode | The MODE determines which part of the NUT is to be started, and
which configuration files must be modified
|
| services.outline.storage | To support uploading of images for avatars and document attachments an
s3-compatible storage can be provided
|
| services.foundationdb.locality.machineId | Machine identifier key
|
| services.avahi.nssmdns6 | Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv6
|
| services.coturn.cli-ip | Local system IP address to be used for CLI server endpoint.
|
| services.keycloak.database.name | Database name to use when connecting to an external or
manually provisioned database; has no effect when a local
database is automatically provisioned
|
| services.gitlab.databaseCreateLocally | Whether a database should be automatically created on the
local host
|
| services.cntlm.enable | Whether to enable cntlm, which starts a local proxy.
|
| services.ncps.cache.dataPath | The local directory for storing configuration and cached store paths
|
| programs.ssh.forwardX11 | Whether to request X11 forwarding on outgoing connections by default
|
| services.foundationdb.locality.datacenterId | Data center identifier key
|
| services.i2pd.outTunnels | Connect to someone as a client and establish a local accept endpoint
|
| services.gancio.enable | Whether to enable Gancio, a shared agenda for local communities.
|
| services.c2fmzq-server.port | The local port to use.
|
| time.hardwareClockInLocalTime | If set, keep the hardware clock in local time instead of UTC.
|
| services.keycloak.database.createLocally | Whether a database should be automatically created on the
local host
|
| services.c2fmzq-server.bindIP | The local address to use.
|
| services.ollama.enable | Whether to enable ollama server for local large language models.
|
| services.keycloak.database.username | Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned
|
| networking.nat.dmzHost | The local IP address to which all traffic that does not match any
forwarding rule is forwarded.
|
| services.crowdsec.name | Name of the machine when registering it at the central or local api.
|
| services.discourse.database.createLocally | Whether a database should be automatically created on the
local host
|
| services.monero.extraNodes | List of additional peer IP addresses to add to the local list.
|
| services.confd.enable | Whether to enable confd, a service to manage local application configuration files using templates and data from etcd/consul/redis/zookeeper.
|
| services.gitwatch.<name>.path | The path to repo in local machine
|
| services.livekit.redis.port | Port to bind local redis instance to.
|
| services.livekit.redis.host | Address to bind local redis instance to.
|
| services.miredo.bindPort | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| services.blocky.enable | Whether to enable blocky, a fast and lightweight DNS proxy as ad-blocker for local network with many features.
|
| services.ente.api.enableLocalDB | Whether to enable the automatic creation of a local postgres database for museum..
|
| services.siproxd.ifInbound | Local network interface
|
| networking.fooOverUDP.<name>.port | Local port of the encapsulation UDP socket.
|
| services.mihomo.webui | Local web interface to use
|
| services.private-gpt.enable | Whether to enable private-gpt for local large language models.
|
| services.stratis.enable | Whether to enable Stratis Storage - Easy to use local storage management for Linux.
|
| services.i2pd.reseed.zipfile | Path to local .zip file to reseed from.
|
| nix.buildMachines | This option lists the machines to be used if distributed builds are
enabled (see nix.distributedBuilds)
|
| services.ncps.cache.storage.s3 | Use S3 for storage instead of local storage.
|
| system.autoUpgrade.flags | Any additional flags passed to nixos-rebuild
|
| services.dependency-track.database.createLocally | Whether a database should be automatically created on the
local host
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| services.udp-over-tcp.tcp2udp.<name>.bind | Which local IP to bind the UDP socket to.
|
| services.sharkey.setupRedis | Whether to automatically set up a local Redis cache and configure Sharkey to use it.
|
| services.avahi.browseDomains | List of non-local DNS domains to be browsed.
|
| services.autossh.sessions.*.extraArguments | Arguments to be passed to AutoSSH and retransmitted to SSH
process
|
| services.dspam.domainSocket | Path to local domain socket which is used for communication with the daemon
|
| services.btrbk.niceness | Niceness for local instances of btrbk
|
| services.tox-node.lanDiscovery | Enable local network discovery.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.local_ts | List of local traffic selectors to include in CHILD_SA
|
| services.dependency-track.database.username | Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned
|
| services.librenms.useDistributedPollers | Enables distributed pollers
for this LibreNMS instance
|
| services.avahi.enable | Whether to run the Avahi daemon, which allows Avahi clients
to use Avahi's service discovery facilities and also allows
the local machine to advertise its presence and services
(through the mDNS responder implemented by avahi-daemon).
|
| services.eris-server.decode | Whether the HTTP service (when enabled) will decode ERIS content at /uri-res/N2R?urn:eris:
|
| services.searx.runInUwsgi | Whether to run searx in uWSGI as a "vassal", instead of using its
built-in HTTP server
|
| services.avahi.publish.hinfo | Whether to register a mDNS HINFO record which contains information about the
local operating system and CPU.
|
| hardware.sane.openFirewall | Open ports needed for discovery of scanners on the local network, e.g.
needed for Canon scanners (BJNP protocol).
|
| services.geoclue2.enableNmea | Whether to fetch location from NMEA sources on local network.
|
| services.gpsd.devices | List of devices that gpsd should subscribe to
|
| services.peertube.listenHttp | The port that the local PeerTube web server will listen on.
|
| services.samba-wsdd.enable | Whether to enable Web Services Dynamic Discovery host daemon
|
| services.dependency-track.database.databaseName | Database name to use when connecting to an external or
manually provisioned database; has no effect when a local
database is automatically provisioned
|
| services.radvd.enable | Whether to enable the Router Advertisement Daemon
(radvd), which provides link-local
advertisements of IPv6 router addresses and prefixes using
the Neighbor Discovery Protocol (NDP)
|
| services.send.redis.createLocally | Whether to create a local redis automatically.
|
| services.miredo.bindAddress | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| services.db-rest.redis.createLocally | Configure a local redis server for db-rest.
|
| nix.buildMachines.*.sshKey | The path to the SSH private key with which to authenticate on
the build machine
|
| services.autossh.sessions.*.name | Name of the local AutoSSH session
|
| boot.loader.grub.users.<name>.password | Specifies the clear text password for the account
|
| services.gitlab.databaseHost | GitLab database hostname
|
| services.sympa.mta.type | Mail transfer agent (MTA) integration
|
| services.avahi.nssmdns4 | Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv4
|
| services.openafsServer.cellServDB | Definition of all cell-local database server machines
|
| services.vsftpd.forceLocalDataSSL | Only applies if sslEnable is true
|
| services.nitter.redisCreateLocally | Configure local Redis server for Nitter.
|
| services.opendkim.domains | Local domains set (see opendkim(8) for more information on datasets)
|