| services.asterisk.confFiles | Sets the content of config files (typically ending with
.conf) in the Asterisk configuration directory
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.anuko-time-tracker.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.displayManager.dms-greeter.logs.save | Whether to enable saving logs from the DMS greeter to a file.
|
| services.clickhouse.serverConfig | Your config.yaml as a Nix attribute set
|
| services.gitlab-runner.configFile | Configuration file for gitlab-runner.
configFile takes precedence over services.
checkInterval and concurrent will be ignored too
|
| services.autotierfs.settings | The contents of the configuration file for autotier
|
| services.buildkite-agents.<name>.tokenPath | The token from your Buildkite "Agents" page
|
| services.journald.remote.settings | Configuration in the journal-remote configuration file
|
| services.draupnir.secrets.accessToken | File containing the access token for Draupnir's Matrix account
to be used in place of services.draupnir.settings.accessToken.
|
| i18n.inputMethod.fcitx5.settings.globalOptions | The global options in config file in ini format.
|
| services.drupal.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.tailscale.serve.configFile | Path to a Tailscale Serve configuration file in JSON format
|
| services.nsd.remoteControl.controlCertFile | Path to the client certificate signed with the server certificate
|
| services.mosquitto.listeners.*.acl | Additional ACL items to prepend to the generated ACL file.
|
| services.matrix-conduit.secretFile | Path to a file containing sensitive environment as described in {manpage}`systemd.exec(5)
|
| users.extraUsers.<name>.linger | Whether to enable or disable lingering for this user
|
| systemd.user.timers.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.zabbixWeb.httpd.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.zabbixWeb.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| systemd.user.slices.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.outline.storage | To support uploading of images for avatars and document attachments an
s3-compatible storage can be provided
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.kubeconfig_file | Optional path to a kubeconfig file
|
| services.healthchecks.settings | Environment variables which are read by healthchecks (local)_settings.py
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.grafana.settings.security.admin_password | Default admin password
|
| services.libeufin.nexus.settings | Configuration options for the libeufin nexus config file
|
| services.canaille.jwtPrivateKeyFile | File containing the JWT private key
|
| services.lanraragi.redis.passwordFile | A file containing the password for LANraragi's Redis server.
|
| services.journald.gateway.key | Specify the path to a file or AF_UNIX stream socket to read the
secret server key corresponding to the certificate specified with
services.journald.gateway.cert from
|
| networking.nftables.rulesetFile | The ruleset file to be used with nftables
|
| services.crowdsec.settings.general | Settings for the main CrowdSec configuration file
|
| services.oauth2-proxy.htpasswd.displayForm | Display username / password login form if an htpasswd file is provided.
|
| services.mongodb.initialRootPasswordFile | Path to the file containing the password for the root user if auth is enabled.
|
| services.thelounge.public | Make your The Lounge instance public
|
| services.taler.exchange.settings | Configuration options for the taler exchange config file
|
| services.sympa.database.host | Database host address
|
| services.mediawiki.database.socket | Path to the unix socket file to use for authentication.
|
| services.memos.environmentFile | The environment file to use when starting Memos.
By default, generated from .
|
| services.shiori.environmentFile | Path to file containing environment variables
|
| services.tuned.settings.globalSection | global section of an INI file (attrs of INI atom (null, bool, int, float or string))
|
| services.pipewire.extraConfig.jack | Additional configuration for the PipeWire JACK server and client library
|
| services.rsyncd.settings.sections | attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string))
|
| services.taler.merchant.settings | Configuration options for the taler merchant config file
|
| services.kubernetes.kubelet.tlsCertFile | File containing x509 Certificate for HTTPS.
|
| services.kubernetes.kubelet.tlsKeyFile | File containing x509 private key matching tlsCertFile.
|
| services.hylafax.faxcron.enable.spoolInit | Whether to enable purging old files from the spooling area with
faxcron
each time the spooling area is initialized
.
|
| services.bookstack.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.drupal.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.jicofo.componentPasswordFile | Path to file containing component secret.
|
| services.jigasi.componentPasswordFile | Path to file containing component secret.
|
| services.gitlab.backup.uploadOptions | GitLab automatic upload specification
|
| services.ipfs-cluster.secretFile | File containing the cluster secret in the format of EnvironmentFile as described by
systemd.exec(5)
|
| services.postgresql.initialScript | A file containing SQL statements to execute on first startup.
|
| services.oauth2-proxy.tls.certificate | Path to certificate file.
|
| services.matrix-conduit.settings | Generates the conduit.toml configuration file
|
| services.onlyoffice.jwtSecretFile | Path to a file that contains the secret to sign web requests using JSON Web Tokens
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.collectd.validateConfig | Validate the syntax of collectd configuration file at build time
|
| services.printing.drivers | CUPS drivers to use
|
| services.healthchecks.settingsFile | Environment variables which are read by healthchecks (local)_settings.py
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.forgejo.database.passwordFile | A file containing the password corresponding to
services.forgejo.database.user.
|
| boot.loader.systemd-boot.memtest86.sortKey | systemd-boot orders the menu entries by their sort keys,
so if you want something to appear after all the NixOS entries,
it should start with o or onwards
|
| services.castopod.maxUploadSize | Maximum supported size for a file upload in
|
| powerManagement.cpuFreqGovernor | Configure the governor used to regulate the frequency of the
available CPUs
|
| services.redmine.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.silverbullet.envFile | File containing extra environment variables
|
| services.microsocks.authPasswordFile | Path to a file containing the password for authentication.
|
| services.whitebophir.enable | Whether to enable whitebophir, an online collaborative whiteboard server (persistent state will be maintained under /var/lib/whitebophir).
|
| programs.tsmClient.servers.<name>.inclexcl | Text lines with include.* and exclude.* directives
to be used when sending files to the IBM TSM server,
or an absolute path pointing to a file with such lines.
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.authorization.credentials_file | Sets the credentials to the credentials read from the configured file
|
| services.documize.stateDirectoryName | The name of the directory below /var/lib/private
where documize runs in and stores, for example, backups.
|
| services.inadyn.settings.custom.<name>.include | File to include additional settings for this provider from.
|
| services.cachix-agent.credentialsFile | Required file that needs to contain CACHIX_AGENT_TOKEN=...
|
| services.gitlab.secrets.jwsFile | A file containing the secret used to encrypt session
keys
|
| services.gitlab.secrets.dbFile | A file containing the secret used to encrypt variables in
the DB
|
| services.snips-sh.settings | The configuration of snips-sh is done through environment variables,
therefore you must use upper snake case (e.g. SNIPS_HTTP_INTERNAL)
|
| services.misskey.database.passwordFile | The path to a file containing the database password
|
| services.physlock.lockOn.extraTargets | Other targets to lock the screen just before
|
| services.pretix.environmentFile | Environment file to pass secret configuration values
|
| services.schleuder.extraSettingsFile | YAML file to merge into the schleuder config at runtime
|
| services.slurm.dbdserver.storagePassFile | Path to file with database password
|
| services.zwave-js.settings | Configuration settings for the generated config file
|
| services.dex.environmentFile | Environment file (see systemd.exec(5)
"EnvironmentFile=" section for the syntax) to define variables for dex
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| services.blockbook-frontend.<name>.configFile | Location of the blockbook configuration file.
|
| services.reposilite.database.path | Path to the embedded database file
|
| services.plausible.mail.smtp.passwordFile | The path to the file with the password in case SMTP auth is enabled.
|
| services.rsyncd.settings.globalSection | global section of an INI file (attrs of INI atom (null, bool, int, float or string))
|
| services.prosody.httpFileShare.size_limit | Maximum file size, in bytes.
|
| virtualisation.bios | An alternate BIOS (such as qboot) with which to start the VM
|
| services.xserver.windowManager.exwm.loadScript | Emacs lisp code to be run after loading the user's init
file.
|