| services.librenms.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.dolibarr.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.agorakit.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.fediwall.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.mainsail.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.pixelfed.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.maddy.tls.loader | TLS certificates are obtained by modules called "certificate
loaders"
|
| services.nominatim.enable | Whether to enable nominatim
|
| services.ocis.configDir | Path to directory containing oCIS config file
|
| services.roundcube.enable | Whether to enable roundcube
|
| services.jitsi-meet.nginx.enable | Whether to enable nginx virtual host that will serve the javascript application and act as
a proxy for the XMPP server
|
| services.anuko-time-tracker.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.bookstack.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| programs.river.package | The river package to use
|
| services.dnscrypt-proxy.configFile | Path to TOML config file
|
| services.zabbixWeb.nginx.virtualHost.basicAuthFile | Basic Auth password file for a vhost
|
| services.gitlab.backup.uploadOptions | GitLab automatic upload specification
|
| services.mediawiki.httpd.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts
|
| services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.jirafeau.nginxConfig.basicAuthFile | Basic Auth password file for a vhost
|
| services.invidious.nginx.enable | Whether to configure nginx as a reverse proxy for Invidious
|
| services.vsftpd.userDbPath | Only applies if enableVirtualUsers is true
|
| services.cloud-init.enable | Enable the cloud-init service
|
| services.limesurvey.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.<name>
|
| programs.sway.package | The sway package to use
|
| services.wordpress.sites.<name>.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.
|
| services.systembus-notify.enable | Whether to enable System bus notification support
WARNING: enabling this option (while convenient) should not be done on a
machine where you do not trust the other users as it allows any other
local user to DoS your session by spamming notifications
.
|
| services.limesurvey.httpd.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.<name>
|
| services.limesurvey.nginx.virtualHost | Nginx configuration can be done by adapting services.nginx.virtualHosts.<name>
|
| services.librenms.phpOptions | Options for PHP's php.ini file for librenms
|
| services.stash.mutableSettings | Whether the Stash config.yml is writeable by Stash
|
| services.davis.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.movim.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.slskd.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.snipe-it.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.dnscrypt-proxy2.configFile | Path to TOML config file
|
| services.tinc.networks.<name>.chroot | Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security
|
| services.akkoma.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.fluidd.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.fedimintd.<name>.nginx.config.basicAuthFile | Basic Auth password file for a vhost
|
| services.gancio.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.monica.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.matomo.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| hardware.display.edid.packages | List of packages containing EDID binary files at $out/lib/firmware/edid
|
| services.webhook.hooksTemplated | Same as hooks, but these hooks are specified as literal strings instead of Nix values,
and hence can include template syntax
which might not be representable as JSON
|
| services.nghttpx.backends.*.params.dns | Name resolution of a backends host name is done at start up,
or configuration reload
|
| services.rabbitmq.configItems | Configuration options in RabbitMQ's new config file format,
which is a simple key-value format that can not express nested
data structures
|
| services.tor.relay.onionServices | See torrc manual.
Because tor.service runs in its own RootDirectory=,
when using a onion service to reverse-proxy to a Unix socket,
you need to make that Unix socket available
within the mount namespace of tor.service
|
| programs.river-classic.package | The river-classic package to use
|
| services.gokapi.environment.GOKAPI_CONFIG_FILE | Sets the filename for the config file.
|
| services.limesurvey.nginx.virtualHost.basicAuthFile | Basic Auth password file for a vhost
|
| services.radicle.httpd.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.nextcloud.phpOptions | Options for PHP's php.ini file for nextcloud
|
| services.pdns-recursor.dnssecValidation | Controls the level of DNSSEC processing done by the PowerDNS Recursor
|
| services.postfixadmin.enable | Whether to enable postfixadmin
|
| services.dolibarr.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.kanboard.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.librenms.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.agorakit.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.fediwall.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.mainsail.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.pixelfed.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| fileSystems.<name>.device | The device as passed to mount
|
| users.ldap.bind.distinguishedName | The distinguished name to bind to the LDAP server with
|
| fonts.fontconfig.hinting.style | Hintstyle is the amount of font reshaping done to line up
to the grid.
slight will make the font more fuzzy to line up to the grid but
will be better in retaining font shape, while full will be a
crisp font that aligns well to the pixel grid but will lose a
greater amount of font shape.
|
| services.listmonk.database.mutableSettings | Database settings will be reset to the value set in this module if this is not enabled
|
| services.misskey.reverseProxy.webserver.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.mailpit.instances.<name>.database | Specify the local database filename to store persistent data
|
| services.anuko-time-tracker.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| services.xserver.displayManager.sx.enable | Whether to enable the "sx" pseudo-display manager, which allows users
to start manually via the "sx" command from a vt shell
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| boot.specialFileSystems.<name>.device | The device as passed to mount
|
| services.bookstack.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| documentation.man.mandoc.settings.output.includes | A string of relative path used as a template for the output path of
linked header files (usually via the In macro) in HTML output
|
| services.jirafeau.nginxConfig.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.nginx.virtualHosts.<name>.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| swapDevices.*.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| services.matrix-synapse.log | Default configuration for the loggers used by matrix-synapse and its workers
|
| fileSystems.<name>.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| services.resolved.dnsovertls | If set to
"true":
all DNS lookups will be encrypted
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.limesurvey.nginx.virtualHost.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.prometheus.exporters.deluge.exportPerTorrentMetrics | Enable per-torrent metrics
|
| services.fluent-bit.configurationFile | Fluent Bit configuration
|
| services.vaultwarden.config | The configuration of vaultwarden is done through environment variables,
therefore it is recommended to use upper snake case (e.g. DISABLE_2FA_REMEMBER)
|
| services.earlyoom.enableNotifications | Send notifications about killed processes via the system d-bus
|
| services.nextcloud.notify_push.bendDomainToLocalhost | Whether to add an entry to /etc/hosts for the configured nextcloud domain to point to localhost and add localhost to nextcloud's trusted_proxies config option
|
| virtualisation.libvirtd.onBoot | Specifies the action to be done to / on the guests when the host boots
|
| services.postgresql.systemCallFilter | Configures the syscall filter for postgresql.service
|
| services.smartd.notifications.systembus-notify.enable | Whenever to send systembus-notify notifications
|
| virtualisation.fileSystems.<name>.device | The device as passed to mount
|
| services.github-runners.<name>.tokenFile | The full path to a file which contains either
- a fine-grained personal access token (PAT),
- a classic PAT
- or a runner registration token
Changing this option or the tokenFile’s content triggers a new runner registration
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.prometheus.scrapeConfigs.*.file_sd_configs.*.files | Patterns for files from which target groups are extracted
|
| services.amazon-cloudwatch-agent.configurationFile | Amazon CloudWatch Agent configuration file
|
| networking.firewall.connectionTrackingModules | List of connection-tracking helpers that are auto-loaded
|
| services.amazon-cloudwatch-agent.commonConfigurationFile | Amazon CloudWatch Agent common configuration
|