| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.module | Optional PKCS#11 module name.
|
| services.kanboard.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.dolibarr.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.librenms.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.agorakit.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.fediwall.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.pixelfed.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.mainsail.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| programs.gdk-pixbuf.modulePackages | Packages providing GDK-Pixbuf modules, for cache generation.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.module | Optional PKCS#11 module name.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.module | Optional PKCS#11 module name.
|
| services.filebeat.inputs | Inputs specify how Filebeat locates and processes input data
|
| services.anuko-time-tracker.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.zabbixWeb.nginx.virtualHost.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.bacula-sd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.bacula-fd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.bookstack.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.jirafeau.nginxConfig.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.nginx.virtualHosts.<name>.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.postgresql.systemCallFilter | Configures the syscall filter for postgresql.service
|
| services.bacula-sd.director.<name>.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-fd.director.<name>.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.fedimintd.<name>.nginx.config.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.limesurvey.nginx.virtualHost.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.matrix-synapse.log | Default configuration for the loggers used by matrix-synapse and its workers
|
| services.nncp.daemon.socketActivation.listenStreams | TCP sockets to bind to
|
| services.misskey.reverseProxy.webserver.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.openssh.authorizedKeysInHomedir | Enables the use of the ~/.ssh/authorized_keys file
|
| services.syncthing.overrideFolders | Whether to delete the folders which are not configured via the
folders option
|
| services.pgbackrest.stanzas.<name>.settings | An attribute set of options as described in:
https://pgbackrest.org/configuration.html
All options can be used
|
| services.bacula-sd.director.<name>.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.bacula-fd.director.<name>.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.bacula-sd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.bacula-fd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.maddy.tls.loader | TLS certificates are obtained by modules called "certificate
loaders"
|
| hardware.inputmodule.enable | Whether to enable Support for Framework input modules.
|
| services.bcg.name | Name for the device
|
| networking.tempAddresses | Whether to enable IPv6 Privacy Extensions for interfaces not
configured explicitly in
networking.interfaces._name_.tempAddress
|
| services.wivrn.config.json | Configuration for WiVRn
|
| services.httpd.mpm | Multi-processing module to be used by Apache
|
| services.athens.goBinary | The Go package used by Athens at runtime
|
| services.athens.downloadMode | Defines how Athens behaves when a module@version
is not found in storage
|
| services.nfs.server.lockdPort | Use a fixed port for the NFS lock manager kernel module
(lockd/nlockmgr)
|
| services.xrdp.audio.package | The pulseaudio-module-xrdp package to use.
|
| services.tcsd.enable | Whether to enable tcsd, a Trusted Computing management service
that provides TCG Software Stack (TSS)
|
| services.httpd.enablePHP | Whether to enable the PHP module.
|
| services.vwifi.server.vsock.enable | Whether to enable vsock kernel module.
|
| services.spiped.enable | Enable the spiped service module.
|
| services.httpd.enablePerl | Whether to enable the Perl module (mod_perl).
|
| services.athens.enable | Whether to enable Go module datastore and proxy.
|
| services.keter.enable | Whether to enable keter, a web app deployment manager
|
| services.maddy.config | Server configuration, see
https://maddy.email for
more information
|
| services.netbox.enable | Enable Netbox
|
| services.atticd.mode | Mode in which to run the server.
'monolithic' runs all components, and is suitable for single-node deployments.
'api-server' runs only the API server, and is suitable for clustering.
'garbage-collector' only runs the garbage collector periodically
|
| services.newt.settings | Settings for Newt module, see Newt CLI docs for more information.
|
| services.cjdns.extraConfig | Extra configuration, given as attrs, that will be merged recursively
with the rest of the JSON generated by this module, at the root node.
|
| services.fprintd.enable | Whether to enable fprintd daemon and PAM module for fingerprint readers handling.
|
| services.httpd.enableMellon | Whether to enable the mod_auth_mellon module.
|
| services.howdy.enable | Whether to enable Howdy and its PAM module for face recognition
|
| services.rauc.settings | Rauc configuration that will be converted to INI
|
| services.znapzend.pure | Do not persist any stateful znapzend setups
|
| services.prosody.httpFileShare | Configures the http_file_share module to handle user uploads
|
| services.plex.extraPlugins | A list of paths to extra plugin bundles to install in Plex's plugin
directory
|
| services.listmonk.enable | Whether to enable Listmonk, this module assumes a reverse proxy to be set.
|
| services.httpd.extraModules | Additional Apache modules to be used
|
| services.nitter.settings | Add settings here to override NixOS module generated settings
|
| services.warpgate.enable | Whether to enable Warpgate
|
| services.inspircd.config | Verbatim inspircd.conf file
|
| services.slurm.enableSrunX11 | If enabled srun will accept the option "--x11" to allow for X11 forwarding
from within an interactive session or a batch job
|
| services.jenkins.plugins | A set of plugins to activate
|
| services.nextcloud.caching.apcu | Whether to load the APCu module into PHP.
|
| <imports = [ pkgs.php.services.default ]>.php-fpm.package | PHP package to use for php-fpm
|
| services.ddclient.configFile | Path to configuration file
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| services.anubis.defaultOptions.user | The user under which Anubis is run
|
| security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| services.plex.extraScanners | A list of paths to extra scanners to install in Plex's scanners
directory
|
| services.thinkfan.enable | Whether to enable thinkfan, a fan control program.
This module targets IBM/Lenovo thinkpads by default, for
other hardware you will have configure it more carefully.
|
| services.syslog-ng.extraModulePaths | A list of paths that should be included in syslog-ng's
--module-path option
|
| services.step-ca.settings | Settings that go into ca.json
|
| services.factorio.configFile | The server's configuration file
|
| security.pam.services.<name>.howdy.control | This option sets the PAM "control" used for this module.
|
| services.oauth2-proxy.httpAddress | HTTPS listening address
|
| security.pam.services.<name>.mysqlAuth | If set, the pam_mysql module will be used to
authenticate users against a MySQL/MariaDB database.
|
| services.mjolnir.settings | Additional settings (see mjolnir default config for available settings)
|
| services.rtorrent.configText | The content of rtorrent.rc
|
| services.anubis.defaultOptions.group | The group under which Anubis is run
|
| services.nextcloud.caching.redis | Whether to load the Redis module into PHP
|
| services.maubot.configMutable | Whether maubot should write updated config into extraConfigFile. This will make your Nix module settings have no effect besides the initial config, as extraConfigFile takes precedence over NixOS settings!
|
| services.fail2ban.jails | The configuration of each Fail2ban “jail”
|
| services.prosody.uploadHttp.httpUploadPath | Directory where the uploaded files will be stored when the http_upload module is used
|
| services.dsnet.settings | The settings to use for dsnet
|
| services.kanata.keyboards.<name>.configFile | The config file
|
| security.pam.services.<name>.enableUMask | If enabled, the pam_umask module will be loaded.
|
| services.gitlab-runner.configFile | Configuration file for gitlab-runner.
configFile takes precedence over services.
checkInterval and concurrent will be ignored too
|
| services.librenms.finalPackage | The final package used by the module
|
| services.longview.nginxStatusUrl | The Nginx status page URL
|
| services.peering-manager.enable | Enable Peering Manager
|
| services.datadog-agent.checks | Configuration for all Datadog checks
|
| services.stalwart.settings | Configuration options for the Stalwart server
|