| services.public-inbox.imap.enable | Whether to enable the public-inbox IMAP server.
|
| services.factorio.public | Game will be published on the official Factorio matching server.
|
| services.tmate-ssh-server.keysDir | Directory containing ssh keys, defaulting to auto-generation
|
| services.nsd.keys.<name>.keyFile | Path to the file which contains the actual base64 encoded
key
|
| boot.initrd.luks.devices.<name>.gpgCard.publicKey | Path to the Public Key.
|
| services.i2pd.inTunnels.<name>.keys | Keyset used for tunnel identity.
|
| services.public-inbox.nntp.port | Listening port
|
| services.public-inbox.imap.port | Listening port
|
| services.i2pd.outTunnels.<name>.keys | Keyset used for tunnel identity.
|
| services.public-inbox.http.mounts | Root paths or URLs that public-inbox will be served on
|
| services.dragonflydb.keysOutputLimit | Maximum number of returned keys in keys command.
keys is a dangerous command
|
| services.thelounge.public | Make your The Lounge instance public
|
| services.immich-public-proxy.enable | Whether to enable Immich Public Proxy.
|
| services.firezone.relay.publicIpv4 | The public ipv4 address of this relay
|
| services.firezone.relay.publicIpv6 | The public ipv6 address of this relay
|
| services.keter.bundle.publicScript | Allows loading of public environment variables,
these are emitted to the log so it shouldn't contain secrets.
|
| services.ceph.global.publicNetwork | A comma-separated list of subnets that will be used as public networks in the cluster.
|
| services.immich-public-proxy.package | The immich-public-proxy package to use.
|
| services.immich-public-proxy.settings | Configuration for IPP
|
| services.actkbd.bindings.*.keys | List of keycodes to match.
|
| services.quicktun.<name>.publicKey | Remote public key in hexadecimal form.
Not needed when services.quicktun..protocol is set to raw.
|
| services.public-inbox.settings.publicinbox.css | The local path name of a CSS file for the PSGI web interface.
|
| services.nsd.keys.<name>.algorithm | Authentication algorithm for this key.
|
| services.ncdns.dnssec.keys.private | Path to the file containing the KSK private key.
|
| services.blockbook-frontend.<name>.public | Public http server binding [address]:port.
|
| services.public-inbox.inboxes.<name>.watch | Paths for public-inbox-watch(1) to monitor for new mail.
|
| services.outline.publicUrl | The fully qualified, publicly accessible URL
|
| services.public-inbox.spamAssassinRules | SpamAssassin configuration specific to public-inbox.
|
| services.public-inbox.settings.publicinbox.nntpserver | NNTP URLs to this public-inbox instance
|
| services.public-inbox.settings.publicinbox.pop3server | POP3 URLs to this public-inbox instance
|
| services.public-inbox.settings.publicinbox.imapserver | IMAP URLs to this public-inbox instance
|
| services.ncdns.dnssec.keys.zonePrivate | Path to the file containing the ZSK private key.
|
| services.public-inbox.settings.publicinbox.wwwlisting | Controls which lists (if any) are listed for when the root
public-inbox URL is accessed over HTTP.
|
| services.public-inbox.settings.coderepo | code repositories
|
| services.flannel.publicIp | IP accessible by other nodes for inter-host communication
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| services.immich-public-proxy.port | The port that IPP will listen on.
|
| services.public-inbox.inboxes | Inboxes to configure, where attribute names are inbox names.
|
| services.rkvm.server.settings.switch-keys | A key list specifying a host switch combination.
A list of key names is available in https://github.com/htrefil/rkvm/blob/master/switch-keys.md.
|
| services.public-inbox.settings.coderepo.<name>.dir | Path to a git repository
|
| services.public-inbox.http.port | Listening port or systemd's ListenStream= entry
to be used as a reverse proxy, eg. in nginx:
locations."/inbox".proxyPass = "http://unix:${config.services.public-inbox.http.port}:/inbox";
Set to null and use systemd.sockets.public-inbox-httpd.listenStreams
if you need a more advanced listening.
|
| services.kanidm.provision.systems.oauth2.<name>.public | Whether this is a public client (enforces PKCE, doesn't use a basic secret)
|
| services.public-inbox.inboxes.<name>.inboxdir | The absolute path to the directory which hosts the public-inbox.
|
| services.public-inbox.settings.coderepo.<name>.cgitUrl | URL of a cgit instance
|
| services.immich-public-proxy.immichUrl | URL of the Immich instance
|
| services.public-inbox.inboxes.<name>.url | URL where this inbox can be accessed over HTTP.
|
| services.public-inbox.settings.publicinboxmda.spamcheck | If set to spamc, public-inbox-watch(1) will filter spam
using SpamAssassin.
|
| services.languagetool.public | Whether to enable access from anywhere (rather than just localhost).
|
| services.public-inbox.postfix.enable | Whether to enable the integration into Postfix.
|
| services.public-inbox.openFirewall | Whether to enable opening the firewall when using a port option.
|
| services.cjdns.UDPInterface.connectTo.<name>.publicKey | Public key at the opposite end of the tunnel.
|
| services.cjdns.ETHInterface.connectTo.<name>.publicKey | Public key at the opposite end of the tunnel.
|
| services.triggerhappy.bindings.*.keys | List of keys to match
|
| boot.initrd.network.ssh.hostKeys | Specify SSH host keys to import into the initrd
|
| services.nginx.proxyCachePath.<name>.keysZoneName | Set name to shared memory zone.
|
| services.nginx.proxyCachePath.<name>.keysZoneSize | Set size to shared memory zone.
|
| services.public-inbox.settings.publicinboxwatch.spamcheck | If set to spamc, public-inbox-watch(1) will filter spam
using SpamAssassin.
|
| services.jitsi-videobridge.nat.publicAddress | Public address to assume when running behind NAT.
|
| services.neo4j.ssl.policies.<name>.publicCertificate | The name of public X.509 certificate (chain) file in PEM format
for this policy to be found in the baseDirectory,
or the absolute path to the certificate file
|
| services.immich-public-proxy.openFirewall | Whether to open the IPP port in the firewall
|
| networking.wg-quick.interfaces.<name>.peers.*.publicKey | The base64 public key to the peer.
|
| services.toxBootstrapd.keysFile | Node key file.
|
| services.maubot.settings.server.public_url | Public base URL where the server is visible.
|
| services.chhoto-url.settings.public_mode | Whether to enable public mode.
|
| services.public-inbox.inboxes.<name>.watchheader | If specified, public-inbox-watch(1) will only process
mail containing a matching header.
|
| services.public-inbox.inboxes.<name>.coderepo | Nicknames of a 'coderepo' section associated with the inbox.
|
| services.matrix-appservice-irc.settings.ircService.mediaProxy.publicUrl | URL under which the media proxy is publicly acccessible.
|
| services.public-inbox.inboxes.<name>.newsgroup | NNTP group name for the inbox.
|
| services.public-inbox.settings.publicinboxwatch.watchspam | If set, mail in this maildir will be trained as spam and
deleted from all watched inboxes
|
| networking.wireguard.interfaces.<name>.peers.*.publicKey | The base64 public key of the peer.
|
| services.rosenpass.settings.peers.*.public_key | Path to a file containing the public key of the remote Rosenpass peer.
|
| services.schleuder.settings.keyserver | Key server from which to fetch and update keys
|
| boot.loader.limine.secureBoot.enable | Whether to use sign the limine binary with sbctl.
This requires you to already have generated the keys and enrolled them with sbctl
|
| services.public-inbox.inboxes.<name>.description | User-visible description for the repository.
|
| services.gitlab.pages.settings | Configuration options to set in the GitLab Pages config
file
|
| services.foundationdb.publicAddress | Publicly visible IP address of the process
|
| services.xonotic.settings.sv_public | Controls whether the server will be publicly listed.
|
| services.logkeys.enable | Whether to enable logkeys, a keylogger service.
|
| services.matrix-synapse.settings.public_baseurl | The public-facing base URL for the client API (not including _matrix/...)
|
| services.h2o.hosts | The hosts config to be merged with the settings
|
| services.evremap.settings.remap.*.input | The key sequence that should be remapped
|
| services.logkeys.device | Use the given device as keyboard input event device instead of /dev/input/eventX default.
|
| services.neo4j.ssl.policies.<name>.trustedDir | Path to directory of X.509 certificates in PEM format for
trusted parties
|
| services.go-neb.baseUrl | Public-facing endpoint that can receive webhooks.
|
| services.evremap.settings.remap.*.output | The key sequence that should be output when the input sequence is entered
|
| services.nix-serve.secretKeyFile | The path to the file used for signing derivation data
|
| services.gitolite.adminPubkey | Initial administrative public key for Gitolite
|
| services.yggdrasil.settings | Configuration for yggdrasil, as a structured Nix attribute set
|
| services.tor.relay.role | Your role in Tor network
|
| programs.wshowkeys.package | The wshowkeys package to use.
|
| services.evremap.settings.dual_role.*.tap | The key sequence that should be output when the input key is tapped
|
| services.metabase.ssl.keystore | Java KeyStore file containing the certificates.
|
| services.evremap.settings.dual_role.*.input | The key that should be remapped
|
| services.evremap.settings.dual_role.*.hold | The key sequence that should be output when the input key is held
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| services.maubot.extraConfigFile | A file for storing secrets
|
| services.frp.role | The frp consists of client and server
|
| programs.wshowkeys.enable | Whether to enable wshowkeys (displays keypresses on screen on supported Wayland
compositors)
|
| services.openssh.generateHostKeys | Whether to generate SSH host keys
|
| services.i2pd.dataDir | Alternative path to storage of i2pd data (RI, keys, peer profiles, ...)
|