| services.postfix.settings.main.relayhost | List of hosts to use for relaying outbound mail.
Putting the hostname in angled brackets, e.g. [relay.example.com], turns off MX and SRV lookups for the hostname.
https://www.postfix.org/postconf.5.html#relayhost
|
| services.routinator.settings.rtr-listen | An array of string values each providing an address and port on which the RTR server should listen in TCP mode
|
| services.reposilite.settings.hostname | The hostname to bind to
|
| services.firefly-iii-data-importer.settings | Options for firefly-iii data importer configuration
|
| nix.settings.trusted-substituters | List of binary cache URLs that non-root users can use (in
addition to those specified using
nix.settings.substituters) by passing
--option binary-caches to Nix commands.
|
| services.minidlna.settings.media_dir | Directories to be scanned for media files
|
| services.zeronsd.servedNetworks.<name>.settings.token | Path to a file containing the API Token for ZeroTier Central.
|
| services.anuko-time-tracker.settings.weekendStartDay | This option defines which days are highlighted with weekend color.
6 means Saturday
|
| services.bonsaid.settings.*.event_name | Name of the event which should trigger this transition when received by bonsaid
|
| services.routinator.settings.http-listen | An array of string values each providing an address and port on which the HTTP server should listen
|
| services.buffyboard.settings.input.pointer | Enable or disable the use of a hardware mouse or other pointing device.
|
| services.suricata.settings.app-layer.protocols | app-layer protocols, see upstream docs.
|
| services.parsedmarc.settings.mailbox.watch | Use the IMAP IDLE command to process messages as they arrive.
|
| services.angrr.settings.temporary-root-policies | Policies for temporary GC roots(e.g. result and direnv).
|
| services.tor.relay.onionServices.<name>.settings.RendPostPeriod | See torrc manual.
|
| services.wstunnel.clients.<name>.settings.http-headers | Custom headers to send in the upgrade request
|
| services.watchdogd.settings.loadavg.warning | The high watermark level
|
| services.watchdogd.settings.meminfo.warning | The high watermark level
|
| services.grafana.settings.users.home_page | Path to a custom home page
|
| services.anuko-time-tracker.settings.multiorgMode | Defines whether users see the Register option in the menu of Time Tracker that allows them
to self-register and create new organizations (top groups).
|
| services.sourcehut.settings."git.sr.ht".oauth-client-secret | git.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.sourcehut.settings."hub.sr.ht".oauth-client-secret | hub.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.sourcehut.settings."man.sr.ht".oauth-client-secret | man.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.maubot.settings.homeservers.<name>.url | Client-server API URL
|
| services.hickory-dns.settings.listen_port | Port to listen on (applies to all listen addresses).
|
| services.readarr.settings.log.analyticsEnabled | Send Anonymous Usage Data
|
| services.transmission.settings.peer-port | The peer port to listen for incoming connections.
|
| services.warpgate.settings.recordings.path | Path to store session recordings.
|
| services.botamusique.settings.bot.comment | Comment displayed for the bot.
|
| services.tor.settings.ExtendAllowPrivateAddresses | See torrc manual.
|
| networking.networkmanager.settings | Configuration added to the generated NetworkManager.conf, note that you can overwrite settings with this
|
| services.sourcehut.settings."lists.sr.ht".posting-domain | Posting domain.
|
| services.hddfancontrol.settings | Parameter-sets for each instance of hddfancontrol.
|
| services.wastebin.settings.WASTEBIN_ADDRESS_PORT | Address and port to bind to
|
| services.sourcehut.settings."sr.ht".network-key | An absolute file path (which should be outside the Nix-store)
to a secret key to encrypt internal messages with
|
| services.sabnzbd.settings.servers.<name>.required | In case of connection failures, wait for the
server to come back online instead of skipping
it.
|
| services.sabnzbd.settings.servers.<name>.priority | Priority of this servers
|
| services.easytier.instances.<name>.settings.dhcp | Automatically determine the IPv4 address of this peer based on
existing peers on network.
|
| services.grafana.settings.smtp.password | Password used for authentication
|
| services.postfix-tlspol.settings.server.prefetch | Whether to prefetch DNS records when the TTL of a cached record is about to expire.
|
| services.syncthing.settings.folders.<name>.path | The path to the folder which should be shared
|
| services.pds.settings.PDS_BLOBSTORE_DISK_LOCATION | Store blobs at this location, set to null to use e.g
|
| services.saunafs.chunkserver.settings | Contents of chunkserver config file (see sfschunkserver.cfg(5)).
|
| services.umurmur.settings.certificate | Path to your SSL certificate
|
| services.umurmur.settings.private_key | Path to your SSL key
|
| services.watchdogd.settings.meminfo.logmark | Whether to log current stats every poll interval.
|
| services.watchdogd.settings.loadavg.logmark | Whether to log current stats every poll interval.
|
| services.hercules-ci-agent.settings.baseDirectory | State directory (secrets, work directory, etc) for agent
|
| services.frigate.settings.cameras.<name>.ffmpeg.inputs.*.path | Stream URL
|
| services.sslh.settings.protocols | List of protocols sslh will probe for and redirect
|
| services.snapserver.settings.http.doc_root | Path to serve from the HTTP servers root.
|
| services.stash.settings.stash_boxes.*.apikey | Stash Box API key
|
| services.suricata.settings.unix-command.filename | Filename for unix-command socket.
|
| services.misskey.settings.meilisearch.ssl | Whether to connect via SSL.
|
| services.pid-fan-controller.settings.heatSources.*.name | Name of the heat source.
|
| services.suricata.settings.logging.outputs.file.type | Type of logfile.
|
| services.forgejo.settings.session.COOKIE_SECURE | Marks session cookies as "secure" as a hint for browsers to only send
them via HTTPS
|
| services.peering-manager.settings.ALLOWED_HOSTS | A list of valid fully-qualified domain names (FQDNs) and/or IP
addresses that can be used to reach the peering manager service.
|
| services.headscale.settings.server_url | The url clients will connect to.
|
| services.acme-dns.settings.database.connection | Database connection string.
|
| services.suricata.settings.reference-config-file | Suricata reference configuration file.
|
| services.tor.settings.PublishServerDescriptor | See torrc manual.
|
| services.tor.settings.HiddenServiceStatistics | See torrc manual.
|
| services.tor.settings.FetchServerDescriptors | See torrc manual.
|
| services.sourcehut.settings."git.sr.ht".outgoing-domain | Outgoing domain.
|
| services.sourcehut.settings."todo.sr.ht::mail".posting-domain | Posting domain.
|
| services.languagetool.settings.cacheSize | Number of sentences cached.
|
| services.misskey.settings.meilisearch.host | The Meilisearch host.
|
| services.misskey.settings.meilisearch.port | The Meilisearch port.
|
| services.maubot.settings.api_features | API feature switches.
|
| services.sabnzbd.settings.misc.html_login | Prompt for login with an html login mask if enabled,
otherwise prompt for basic auth (useful for SSO)
|
| services.sabnzbd.settings.servers.<name>.optional | In case of connection failures, temporarily
disable this server. (See sabnzbd's documentation
for usage guides).
|
| services.postfix.settings.master.<name>.privileged | |
| services.firezone.server.api.settings | Environment variables for this component of the Firezone server
|
| services.firezone.server.web.settings | Environment variables for this component of the Firezone server
|
| services.suricata.settings.app-layer.error-policy | The error-policy setting applies to all app-layer parsers
|
| services.reposilite.settings.database | Database connection string
|
| services.dsnet.settings.ExternalHostname | The hostname that clients should use to connect to this server
|
| services.open-web-calendar.settings.ALLOWED_HOSTS | The hosts that the Open Web Calendar permits
|
| services.buffyboard.settings.theme.default | Selects the default theme on boot
|
| services.grafana.settings.users.login_hint | Text used as placeholder text on login page for login/username input.
|
| services.opensnitch.settings.Ebpf.ModulesPath | Configure eBPF modules path
|
| services.sourcehut.settings."lists.sr.ht::worker".sock | Path for the lmtp daemon's unix socket
|
| services.authelia.instances.<name>.settings | Your Authelia config.yml as a Nix attribute set
|
| services.pocket-id.settings.ANALYTICS_DISABLED | Whether to disable analytics
|
| services.zeronsd.servedNetworks.<name>.settings.domain | Domain under which ZeroTier records will be available.
|
| services.anubis.instances.<name>.settings.TARGET | The reverse proxy target that Anubis is protecting
|
| services.sourcehut.settings."todo.sr.ht".oauth-client-secret | todo.sr.ht's OAuth client secret for meta.sr.ht.
|
| services.authelia.instances.<name>.settings.log.level | Level of verbosity for logs.
|
| services.pretalx.settings.filesystem.static | Path to the directory that contains static files.
|
| services.transmission.settings.watch-dir | Watch a directory for torrent files and add them to transmission.
|
| services.parsedmarc.settings.mailbox.delete | Delete messages after processing them, instead of archiving them.
|
| services.factorio.mods-dat | Mods settings can be changed by specifying a dat file, in the mod
settings file
format.
|
| services.canaille.settings.PREFERRED_URL_SCHEME | The url scheme by which canaille will be served.
|
| services.grafana-image-renderer.settings.browser.path | Path to the executable of the chromium to use.
|
| services.globalprotect.settings | GlobalProtect-openconnect configuration
|
| services.misskey.settings.meilisearch.apiKey | The Meilisearch API key.
|
| services.tor.settings.CacheDirectoryGroupReadable | See torrc manual.
|
| services.fastnetmon-advanced.settings | Extra configuration options to declaratively load into FastNetMon Advanced
|
| services.sabnzbd.settings.misc.https_cert | Path to the TLS certificate for the web UI
|