| services.suricata.settings.pcap.*.interface | pcap capture interface, see upstream docs.
|
| services.scrutiny.settings.web.listen.basepath | If Scrutiny will be behind a path prefixed reverse proxy, you can override this
value to serve Scrutiny on a subpath.
|
| services.sourcehut.settings.objects.s3-access-key | Access key to the S3-compatible object storage service
|
| services.szurubooru.server.settings.domain | Full URL to the homepage of this szurubooru site (with no trailing slash).
|
| services.guacamole-client.settings | Configuration written to guacamole.properties.
The Guacamole web application uses one main configuration file called
guacamole.properties
|
| services.suricata.settings.logging.outputs.file.level | Loglevel for logs written to the logfile.
|
| services.froide-govplan.settings.ALLOWED_HOSTS | A list of valid fully-qualified domain names (FQDNs) and/or IP
addresses that can be used to reach the Froide-Govplan service.
|
| services.nextcloud.settings.log_type | Logging backend to use.
systemd automatically adds the php-systemd extensions to services.nextcloud.phpExtraExtensions
|
| services.saunafs.metalogger.settings.DATA_PATH | Data storage directory
|
| services.prowlarr.settings.update.mechanism | which update mechanism to use
|
| services.whisparr.settings.update.mechanism | which update mechanism to use
|
| services.crowdsec.settings.simulation | Attributes inside the simulation.yaml file.
|
| services.chhoto-url.settings.public_mode | Whether to enable public mode.
|
| services.chhoto-url.settings.slug_length | The length of auto-generated slugs.
|
| services.pinnwand.settings.paste_size | Maximum size of a paste in bytes.
|
| services.sourcehut.settings."builds.sr.ht".oauth-client-id | builds.sr.ht's OAuth client id for meta.sr.ht.
|
| services.sourcehut.settings."hg.sr.ht".oauth-client-secret | hg.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.watchdogd.settings.loadavg.enabled | Whether to enable watchdogd plugin loadavg.
|
| services.watchdogd.settings.meminfo.enabled | Whether to enable watchdogd plugin meminfo.
|
| services.openssh.settings.KexAlgorithms | Allowed key exchange algorithms
Uses the lower bound recommended in both
https://stribika.github.io/2015/01/04/secure-secure-shell.html
and
https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
|
| services.nezha-agent.settings.temperature | Enable temperature monitoring.
|
| services.nezha-agent.settings.disable_nat | Disable NAT penetration.
|
| services.your_spotify.settings.PORT | The port of the api server
|
| services.privoxy.settings.filterfile | List of paths to Privoxy filter files
|
| services.sourcehut.settings."builds.sr.ht".shell | Scripts used to launch on SSH connection.
/usr/bin/master-shell on master,
/usr/bin/runner-shell on runner
|
| services.forgejo.settings.session.COOKIE_SECURE | Marks session cookies as "secure" as a hint for browsers to only send
them via HTTPS
|
| services.sourcehut.settings."lists.sr.ht::worker".sock | Path for the lmtp daemon's unix socket
|
| services.vmalert.instances.<name>.settings | vmalert configuration, passed via command line flags
|
| services.bookstack.settings.DB_PASSWORD_FILE | The file containing your mysql/mariadb database password.
|
| services.rosenpass.settings.peers.*.endpoint | Endpoint of the remote Rosenpass peer.
|
| services.pgbouncer.settings.databases | Detailed information about PostgreSQL database definitions:
https://www.pgbouncer.org/config.html#section-databases
|
| services.suricata.settings.outputs.*.<name>.enabled | Whether to enable .
|
| services.headscale.settings.oidc.client_id | OpenID Connect client ID.
|
| services.moosefs.metalogger.settings.DATA_PATH | Directory for storing metalogger data.
|
| services.tlsrpt.collectd.settings.log_level | Level of log messages to emit.
|
| services.watchdogd.settings.filenr.interval | Amount of seconds between every poll.
|
| services.ferretdb.settings.FERRETDB_HANDLER | Backend handler
|
| services.buffyboard.settings.input.pointer | Enable or disable the use of a hardware mouse or other pointing device.
|
| services.suricata.settings.app-layer.protocols | app-layer protocols, see upstream docs.
|
| services.parsedmarc.settings.mailbox.watch | Use the IMAP IDLE command to process messages as they arrive.
|
| services.blackfire-agent.settings.server-token | Sets the server token used to authenticate with Blackfire
You can find your personal server-token at https://blackfire.io/my/settings/credentials
|
| services.libeufin.nexus.settings.nexus-ebics.CURRENCY | Name of the fiat currency.
|
| services.inadyn.settings.provider.<name>.hostname | Hostname alias(es).
|
| services.inadyn.settings.provider.<name>.username | Username for this DDNS provider.
|
| services.ferretdb.settings.FERRETDB_SQLITE_URL | SQLite URI (directory) for 'sqlite' handler
|
| services.mchprs.settings.max_players | Maximum number of simultaneous players
|
| services.tor.relay.onionServices.<name>.settings.RendPostPeriod | See torrc manual.
|
| services.watchdogd.settings.loadavg.warning | The high watermark level
|
| services.watchdogd.settings.meminfo.warning | The high watermark level
|
| services.tor.settings.ReachableAddresses | See torrc manual.
|
| services.reposilite.settings.debugEnabled | Whether to enable debug mode.
|
| services.sabnzbd.settings.misc.html_login | Prompt for login with an html login mask if enabled,
otherwise prompt for basic auth (useful for SSO)
|
| services.sourcehut.settings."git.sr.ht".oauth-client-secret | git.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.sourcehut.settings."hub.sr.ht".oauth-client-secret | hub.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.sourcehut.settings."man.sr.ht".oauth-client-secret | man.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.postfix-tlspol.settings.server.prefetch | Whether to prefetch DNS records when the TTL of a cached record is about to expire.
|
| services.readarr.settings.log.analyticsEnabled | Send Anonymous Usage Data
|
| services.warpgate.settings.recordings.path | Path to store session recordings.
|
| services.filebrowser.settings.address | The address to listen on.
|
| services.healthchecks.settings.DB_NAME | Database name.
|
| services.watchdogd.settings.meminfo.logmark | Whether to log current stats every poll interval.
|
| services.watchdogd.settings.loadavg.logmark | Whether to log current stats every poll interval.
|
| services.firefly-iii.settings.DB_CONNECTION | The type of database you wish to use
|
| services.sabnzbd.settings.misc.https_cert | Path to the TLS certificate for the web UI
|
| services.postfix.settings.main.myhostname | The internet hostname of this mail system
|
| services.botamusique.settings.bot.comment | Comment displayed for the bot.
|
| services.umami.settings.DISABLE_TELEMETRY | Umami collects completely anonymous telemetry data in order help improve the application
|
| services.frigate.settings.cameras.<name>.ffmpeg.inputs.*.path | Stream URL
|
| services.openbao.settings.listener.<name>.address | The TCP address or UNIX socket path to listen on.
|
| services.suricata.settings.vars.address-groups.DNP3_SERVER | DNP3_SERVER variable.
|
| services.suricata.settings.vars.address-groups.DNP3_CLIENT | DNP3_CLIENT variable.
|
| services.buffyboard.settings.theme.default | Selects the default theme on boot
|
| services.grafana.settings.users.login_hint | Text used as placeholder text on login page for login/username input.
|
| services.slskd.settings.retention.files.complete | Lifespan of completely downloaded files in minutes.
|
| services.veilid.settings.logging.terminal.enabled | Events of type 'terminal' will be logged.
|
| services.pid-fan-controller.settings.heatSources | List of heat sources to be monitored.
|
| services.tor.settings.FetchHidServDescriptors | See torrc manual.
|
| services.tor.settings.ReachableORAddresses | See torrc manual.
|
| services.sourcehut.settings."lists.sr.ht".posting-domain | Posting domain.
|
| services.snapserver.settings.http.doc_root | Path to serve from the HTTP servers root.
|
| services.pinnwand.settings.paste_help | Raw HTML help text shown in the header area.
|
| services.routinator.settings.rtr-listen | An array of string values each providing an address and port on which the RTR server should listen in TCP mode
|
| services.opensnitch.settings.Ebpf.ModulesPath | Configure eBPF modules path
|
| services.transmission.settings.rpc-port | The RPC port to listen to.
|
| services.misskey.settings.meilisearch | Meilisearch connection options.
|
| services.wastebin.settings.WASTEBIN_CACHE_SIZE | Number of rendered syntax highlight items to cache
|
| services.headscale.settings.database.sqlite.path | Path to the sqlite3 database file.
|
| services.radicle.ci.broker.settings.triggers.*.adapter | Adapter name.
|
| services.radicle.ci.broker.settings.triggers.*.filters | Trigger filter.
|
| services.sftpgo.settings.ftpd.bindings.*.address | Network listen address
|
| services.suricata.settings.unix-command.filename | Filename for unix-command socket.
|
| services.misskey.settings.meilisearch.ssl | Whether to connect via SSL.
|
| services.matrix-synapse.settings.listeners.*.type | The type of the listener, usually http.
|
| services.your_spotify.settings | Your Spotify Configuration
|
| services.lldap.settings.ldap_user_pass | Password for default admin password
|
| services.minidlna.settings.media_dir | Directories to be scanned for media files
|
| services.sourcehut.settings."sr.ht".network-key | An absolute file path (which should be outside the Nix-store)
to a secret key to encrypt internal messages with
|
| services.lldap.settings.ldap_user_dn | Admin username
|
| services.lldap.settings.database_url | Database URL.
|
| services.stash.settings.plugins_path | Path to scrapers
|