| services.atuin.database.uri | URI to the database
|
| services.mighttpd2.cores | How many cores to use
|
| services.rss-bridge.virtualHost | Name of the nginx or caddy virtualhost to use and setup
|
| services.vwifi.client.serverPort | The server port port
|
| services.vwifi.server.ports.vhost | The vhost port
|
| boot.initrd.compressorArgs | Arguments to pass to the compressor for the initrd image, or null to use the compressor's defaults.
|
| users.users.<name>.isSystemUser | Indicates if the user is a system user or not
|
| services.kubo.serviceFdlimit | The fdlimit for the Kubo systemd unit or null to have the daemon attempt to manage it
|
| security.doas.extraRules.*.cmd | The command the user is allowed to run
|
| boot.initrd.secrets | Secrets to append to the initrd
|
| boot.initrd.luks.devices.<name>.gpgCard | The option to use this LUKS device with a GPG encrypted luks password by the GPG Smartcard
|
| networking.proxy.noProxy | This option specifies the no_proxy environment variable
|
| hardware.alsa.controls.<name>.name | Name of the control, as it appears in alsamixer
|
| boot.loader.grub.splashImage | Background image used for GRUB
|
| systemd.units.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.paths.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.mounts.*.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.zammad.database.port | Database port
|
| services.bosun.opentsdbHost | Host and port of the OpenTSDB database that stores bosun data
|
| services.mchprs.maxRuntime | Automatically restart the server after
services.mchprs.maxRuntime
|
| services.thanos.store.chunk-pool-size | Maximum size of concurrently allocatable bytes for chunks
|
| services.minetest-server.port | Port number to bind to
|
| services.mpd.openFirewall | Open ports in the firewall for mpd
|
| users.extraUsers.<name>.expires | Set the date on which the user's account will no longer be
accessible
|
| services.thanos.rule.http-address | Listen host:port for HTTP endpoints
|
| services.yggdrasil.group | Group to grant access to the Yggdrasil control socket
|
| services.github-runners.<name>.name | Name of the runner to configure
|
| nix.buildMachines.*.sshKey | The path to the SSH private key with which to authenticate on
the build machine
|
| security.doas.extraRules.*.runAs | Which user or group the specified command is allowed to run as
|
| services.dolibarr.h2o.acme.root | Directory for the ACME challenge, which is public
|
| security.pam.u2f.settings | Options to pass to the PAM module
|
| services.thanos.sidecar.log.level | Log filtering level
|
| services.smokeping.host | Host/IP to bind to for the web server
|
| services.thanos.receive.log.level | Log filtering level
|
| services.thanos.compact.log.level | Log filtering level
|
| services.tts.servers.<name>.model | Name of the model to download and use for speech synthesis
|
| services.ncps.cache.storage.local | The local directory for storing configuration and cached store
paths
|
| environment.sessionVariables | A set of environment variables used in the global environment
|
| services.caddy.acmeCA |
Sets the acme_ca option
in the global options block of the resulting Caddyfile.
The URL to the ACME CA's directory
|
| services.thanos.store.index-cache-size | Maximum size of items held in the index cache
|
| services.nsd.statistics | Statistics are produced every number of seconds
|
| services.surrealdb.dbPath | The path that surrealdb will write data to
|
| services.rss-bridge.webserver | Type of virtualhost to use and setup
|
| systemd.nspawn.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.timers.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.slices.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| programs.river.package | The river package to use
|
| services.airsonic.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.dolibarr.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.agorakit.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.kanboard.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.librenms.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| nix.buildMachines.*.publicHostKey | The (base64-encoded) public host key of this builder
|
| services.cloudlog.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.fediwall.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| boot.initrd.luks.devices.<name>.yubikey | The options to use for this LUKS device in YubiKey-PBA
|
| services.terraria.password | Sets the server password
|
| services.pixelfed.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.thanos.store.http-address | Listen host:port for HTTP endpoints
|
| services.mainsail.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.thanos.query.http-address | Listen host:port for HTTP endpoints
|
| users.extraUsers.<name>.isSystemUser | Indicates if the user is a system user or not
|
| services.dolibarr.h2o | With this option, you can customize an H2O virtual host which already
has sensible defaults for Dolibarr
|
| services.public-inbox.imap.port | Listening port
|
| services.sympa.domains.<name>.webHost | Domain part of the web interface URL (no web interface for this domain if null)
|
| services.public-inbox.http.port | Listening port or systemd's ListenStream= entry
to be used as a reverse proxy, eg. in nginx:
locations."/inbox".proxyPass = "http://unix:${config.services.public-inbox.http.port}:/inbox";
Set to null and use systemd.sockets.public-inbox-httpd.listenStreams
if you need a more advanced listening.
|
| services.public-inbox.nntp.port | Listening port
|
| systemd.user.paths.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.youtrack.virtualHost | Name of the nginx virtual host to use and setup
|
| systemd.user.units.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.powerdns-admin.saltFile | The salt used for serialization
|
| services.nagios.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| services.mirakurun.unixSocket | Path to unix socket to listen on
|
| services.moodle.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| services.thanos.rule.eval-interval | The default evaluation interval to use
|
| services.vwifi.server.ports.control | The control interface port
|
| services.pingvin-share.hostname | The domain name of your instance
|
| services.minetest-server.logPath | Path to logfile for logging
|
| services.radicle.httpd.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.syncthing.relay.pools | Relay pools to join
|
| services.prometheus.alertmanager.configText | Alertmanager configuration as YAML text
|
| security.pam.rssh.settings | Options to pass to the pam_rssh module
|
| services.caddy.openFirewall | Whether to enable opening the specified http(s) ports in the firewall
|
| services.minetest-server.gameId | Id of the game to use
|
| services.thanos.rule.grpc-address | Listen ip:port address for gRPC endpoints (StoreAPI)
|
| systemd.sockets.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.targets.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.anuko-time-tracker.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.httpd.virtualHosts.<name>.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| services.nginx.virtualHosts.<name>.acmeRoot | Directory for the ACME challenge, which is public
|
| services.nipap.nipap-www.xmlrpcURIFile | Path to file containing XMLRPC URI for use by web UI - this is a secret, since it contains auth credentials
|
| services.syncplay.saltFile | Path to the file that contains the server salt
|
| systemd.user.slices.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.user.timers.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.matrix-continuwuity.settings.global.address | Addresses (IPv4 or IPv6) to listen on for connections by the reverse proxy/tls terminator
|
| services.prosody.uploadHttp.userQuota | Maximum size of all uploaded files per user, in bytes
|
| services.dragonflydb.bind | The IP interface to bind to.
null means "all interfaces".
|
| services.akkoma.initDb.password | Password of the database user to initialise the database with
|
| boot.initrd.systemd.repart.device | The device to operate on
|
| services.pixelfed.nginx | With this option, you can customize an nginx virtual host which already has sensible defaults for Pixelfed
|