| services.rspamd.overrides.<name>.enable | Whether this file overrides should be generated
|
| services.metricbeat.modules.<name>.module | The name of the module
|
| services.homebridge.settings.platforms.*.name | Name of the platform
|
| services.netbird.clients.<name>.dns-resolver.port | A port to serve DNS entries on when dns-resolver.address is enabled.
|
| services.netbird.tunnels.<name>.dns-resolver.port | A port to serve DNS entries on when dns-resolver.address is enabled.
|
| services.tor.relay.onionServices.<name>.settings | Settings of the onion service
|
| power.ups.users.<name>.actions | Allow the user to do certain things with upsd
|
| boot.initrd.luks.devices.<name>.header | The name of the file or block device that
should be used as header for the encrypted device.
|
| services.iodine.clients.<name>.passwordFile | Path to a file containing the password.
|
| services.restic.backups.<name>.passwordFile | Read the repository password from a file.
|
| virtualisation.fileSystems.<name>.stratis.poolUuid | UUID of the stratis pool that the fs is located in
This is only relevant if you are using stratis.
|
| services.blockbook-frontend.<name>.user | The user as which to run blockbook-frontend-‹name›.
|
| services.github-runners.<name>.package | The github-runner package to use.
|
| services.kanata.keyboards.<name>.config | Configuration other than defcfg
|
| services.wordpress.sites.<name>.poolConfig | Options for the WordPress PHP pool
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.wyoming.faster-whisper.servers.<name>.uri | URI to bind the wyoming server to.
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.address | The subnet of this host
|
| services.borgbackup.jobs.<name>.extraArgs | Additional arguments for all borg calls the
service has
|
| services.dokuwiki.sites.<name>.extraConfigs | Path(s) to additional configuration files that are then linked to the 'conf' directory.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| services.radicle.ci.broker.settings.adapters.<name>.env | Environment variables to add when running the adapter.
|
| services.tarsnap.archives.<name>.maxbwRateDown | Download bandwidth rate limit in bytes.
|
| services.tinc.networks.<name>.listenAddress | The ip address to listen on for incoming connections.
|
| services.awstats.configs.<name>.webService.enable | Whether to enable awstats web service.
|
| security.pam.services.<name>.startSession | If set, the service will register a new session with
systemd's login manager
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses.*.address | The external IP address or hostname where the host can be reached.
|
| services.kanidm.provision.persons.<name>.displayName | Display name
|
| services.buildkite-agents.<name>.tags | Tags for the agent.
|
| services.quicktun.<name>.protocol | Which protocol to use.
|
| services.wordpress.sites.<name>.database.user | Database user.
|
| services.lemmy.settings.hostname | The domain name of your instance (eg 'lemmy.ml').
|
| security.pam.services.<name>.duoSecurity.enable | If set, use the Duo Security pam module
pam_duo for authentication
|
| services.borgbackup.repos.<name>.group | The group borg serve is run as
|
| systemd.user.services.<name>.enableDefaultPath | Whether to append a minimal default PATH environment variable to the service, containing common system utilities.
|
| services.znapzend.zetup.<name>.postsnap | Command to run after snapshots are taken on the source dataset,
e.g. for database unlocking
|
| services.ytdl-sub.instances.<name>.readWritePaths | List of paths that ytdl-sub can write to.
|
| security.pam.services.<name>.ttyAudit.enablePattern | For each user matching one of comma-separated
glob patterns, enable TTY auditing
|
| services.tarsnap.archives.<name>.lowmem | Reduce memory consumption by not caching small files
|
| services.wstunnel.servers.<name>.package | The wstunnel package to use.
|
| services.wstunnel.clients.<name>.package | The wstunnel package to use.
|
| services.wordpress.sites.<name>.database.port | Database host port.
|
| services.wordpress.sites.<name>.database.host | Database host address.
|
| services.stash.username | Username for login.
|
| services.borgbackup.repos.<name>.quota | Storage quota for the repository
|
| systemd.user.services.<name>.reloadIfChanged | Whether the service should be reloaded during a NixOS
configuration switch if its definition has changed
|
| services.postfix.settings.master.<name>.wakeup | Automatically wake up the service after the specified number of
seconds
|
| services.suricata.settings.outputs.*.<name>.enabled | Whether to enable .
|
| services.vmalert.instances.<name>.settings.rule | Path to the files with alerting and/or recording rules.
|
| services.borgbackup.jobs.<name>.prune.prefix | Only consider archive names starting with this prefix for pruning
|
| services.v4l2-relayd.instances.<name>.input.height | The height to read from input-stream.
|
| systemd.user.paths.<name>.wants | Start the specified units when this unit is started.
|
| services.firewalld.zones.<name>.sourcePorts | Source ports to allow in the zone.
|
| services.firewalld.zones.<name>.sources.*.mac | A MAC address.
|
| services.kmonad.keyboards.<name>.defcfg.compose.key | The (optional) compose key to use.
|
| services.printing.cups-pdf.instances.<name>.settings.Out | output directory;
${HOME} will be expanded to the user's home directory,
${USER} will be expanded to the user name.
|
| services.firefox-syncserver.database.name | Database to use for storage
|
| systemd.user.services.<name>.restartIfChanged | Whether the service should be restarted during a NixOS
configuration switch if its definition has changed.
|
| services.firezone.server.provision.accounts.<name>.groups.<name>.forceMembers | Ensure that only the given members are part of this group at every server start.
|
| services.v4l2-relayd.instances.<name>.input.format | The video-format to read from input-stream.
|
| services.anubis.instances.<name>.extraFlags | A list of extra flags to be passed to Anubis.
|
| services.syncoid.commands.<name>.service | Systemd configuration specific to this syncoid service.
|
| services.tarsnap.archives.<name>.verbose | Whether to produce verbose logging output.
|
| services.vault-agent.instances.<name>.enable | Whether to enable this vault-agent instance.
|
| power.ups.ups.<name>.maxStartDelay | This can be set as a global variable above your first UPS
definition and it can also be set in a UPS section
|
| services.postfix.settings.master.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|
| services.drupal.sites.<name>.database.tablePrefix | The $table_prefix is the value placed in the front of your database tables
|
| services.kimai.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| systemd.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.rke2.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.rke2.manifests.<name>.source | Path of the source .yaml file.
|
| services.spiped.config.<name>.resolveRefresh | Resolution refresh time for the target socket, in seconds.
|
| services.gitlab.smtp.username | Username of the SMTP server for GitLab.
|
| services.archisteamfarm.bots.<name>.username | Name of the user to log in
|
| services.logcheck.ignoreCron.<name>.cmdline | Command line for the cron job
|
| services.gitlab-runner.services.<name>.preBuildScript | Runner-specific command script executed after code is pulled,
just before build executes.
|
| services.fedimintd.<name>.package | The fedimint package to use.
|
| services.blockbook-frontend.<name>.rpc.url | URL for JSON-RPC connections.
|
| services.jupyterhub.kernels.<name>.env | Environment variables to set for the kernel.
|
| services.sanoid.datasets.<name>.autosnap | Whether to automatically take snapshots.
|
| services.wstunnel.clients.<name>.connectTo | Server address and port to connect to.
|
| services.webhook.hooks.<name>.execute-command | The command that should be executed when the hook is triggered.
|
| services.frp.instances.<name>.settings | Frp configuration, for configuration options
see the example of client
or server on github.
|
| services.davis.hostname | Domain of the host to serve davis under
|
| services.awstats.configs.<name>.webService.urlPrefix | The URL prefix under which the awstats pages appear.
|
| services.kimai.sites.<name>.database.createLocally | Create the database and database user locally.
|
| services.wordpress.sites.<name>.plugins | Path(s) to respective plugin(s) which are copied from the 'plugins' directory.
These plugins need to be packaged before use, see example.
|
| systemd.services.<name>.stopIfChanged | If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one
|
| services.nebula.networks.<name>.staticHostMap | The static host map defines a set of hosts with fixed IP addresses on the internet (or any network)
|
| services.tahoe.nodes.<name>.client.introducer | The furl for a Tahoe introducer node
|
| security.acme.certs.<name>.domain | Domain to fetch certificate for (defaults to the entry name).
|
| services.hans.clients | Each attribute of this option defines a systemd service that
runs hans
|
| services.v4l2-relayd.instances.<name>.enable | Whether to enable this v4l2-relayd instance.
|
| services.blockbook-frontend.<name>.dataDir | Location of blockbook-frontend-‹name› data directory.
|
| services.geoclue2.appConfig.<name>.users | List of UIDs of all users for which this application is allowed location
info access, Defaults to an empty string to allow it for all users.
|
| services.github-runners.<name>.group | Group under which to run the service
|
| networking.vswitches.<name>.interfaces.<name>.name | Name of the interface
|
| services.openbao.settings.listener.<name>.type | The listener type to enable.
|
| services.public-inbox.settings.coderepo.<name>.dir | Path to a git repository
|
| security.pam.services.<name>.gnupg.noAutostart | Don't start gpg-agent if it is not running
|