| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert | Section for a certificate candidate to use for
authentication
|
| services.anubis.instances.<name>.group | The group under which Anubis is run
|
| services.wordpress.sites.<name>.themes | Path(s) to respective theme(s) which are copied from the 'theme' directory.
These themes need to be packaged before use, see example.
|
| services.gancio.settings.hostname | The domain name under which the server is reachable.
|
| systemd.network.networks.<name>.dhcpV4Config | Each attribute in this set specifies an option in the
[DHCPv4] section of the unit
|
| systemd.network.networks.<name>.dhcpV6Config | Each attribute in this set specifies an option in the
[DHCPv6] section of the unit
|
| services.v4l2-relayd.instances.<name>.input.width | The width to read from input-stream.
|
| services.k3s.autoDeployCharts.<name>.enable | Whether to enable the installation of this Helm chart
|
| services.movim.h2o.serverName | Server name to be used for this virtual host
|
| fileSystems.<name>.overlay.lowerdir | The list of path(s) to the lowerdir(s)
|
| services.i2pd.ifname4 | IPv4 interface to bind to.
|
| services.i2pd.ifname6 | IPv6 interface to bind to.
|
| systemd.slices.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.timers.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.shutdownRamfs.contents.<name>.target | Path of the symlink.
|
| services.github-runners.<name>.workDir | Working directory, available as $GITHUB_WORKSPACE during workflow runs
and used as a default for repository checkouts
|
| services.anubis.instances.<name>.extraFlags | A list of extra flags to be passed to Anubis.
|
| services.syncoid.commands.<name>.service | Systemd configuration specific to this syncoid service.
|
| services.nginx.upstreams.<name>.extraConfig | These lines go to the end of the upstream verbatim.
|
| services.tarsnap.archives.<name>.verbose | Whether to produce verbose logging output.
|
| services.vault-agent.instances.<name>.enable | Whether to enable this vault-agent instance.
|
| services.borgbackup.jobs.<name>.doInit | Run borg init if the
specified repo does not exist
|
| services.grafana.provision.alerting.muteTimings.settings.deleteMuteTimes.*.name | Name of the mute time interval, must be unique
|
| services.postfix.settings.master.<name>.args | Arguments to pass to the command
|
| services.dokuwiki.sites.<name>.extraConfigs | Path(s) to additional configuration files that are then linked to the 'conf' directory.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| services.fedimintd.<name>.nginx.path_ui | Path to host the built-in UI on and forward to the daemon's api port
|
| services.borgbackup.jobs.<name>.extraArgs | Additional arguments for all borg calls the
service has
|
| services.buildkite-agents.<name>.shell | Command that buildkite-agent 3 will execute when it spawns a shell.
|
| services.nylon.<name>.acceptInterface | Tell nylon which interface to listen for client requests on, default is "lo".
|
| services.gitlab-runner.services.<name>.tagList | Tag list
|
| services.spiped.config.<name>.source | Address on which spiped should listen for incoming
connections
|
| services.snipe-it.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.snipe-it.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.vdirsyncer.jobs.<name>.config.pairs | vdirsyncer pair configurations
|
| services.nginx.virtualHosts.<name>.http2 | Whether to enable the HTTP/2 protocol
|
| systemd.services.<name>.requisite | Similar to requires
|
| services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.blockbook-frontend.<name>.rpc.url | URL for JSON-RPC connections.
|
| services.jupyterhub.kernels.<name>.env | Environment variables to set for the kernel.
|
| image.repart.partitions.<name>.contents | The contents to end up in the filesystem image.
|
| services.prosody.virtualHosts.<name>.enabled | Whether to enable the virtual host
|
| services.sanoid.datasets.<name>.autosnap | Whether to automatically take snapshots.
|
| services.webhook.hooks.<name>.execute-command | The command that should be executed when the hook is triggered.
|
| services.wstunnel.clients.<name>.connectTo | Server address and port to connect to.
|
| services.mailpit.instances.<name>.max | Maximum number of emails to keep
|
| services.postfix.masterConfig.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|
| services.syncoid.commands.<name>.target | Target ZFS dataset
|
| services.snapper.configs.<name>.ALLOW_GROUPS | List of groups allowed to operate with the config
|
| services.rspamd.overrides.<name>.enable | Whether this file overrides should be generated
|
| services.fedimintd.<name>.nginx.config.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.drupal.sites.<name>.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.gancio.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.akkoma.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.fluidd.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.drupal.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.monica.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.matomo.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| systemd.services.<name>.confinement.mode | The value full-apivfs (the default) sets up
private /dev, /proc,
/sys, /tmp and /var/tmp file systems
in a separate user name space
|
| services.autossh.sessions.*.user | Name of the user the AutoSSH session should run as
|
| services.akkoma.frontends.<name>.package | Akkoma frontend package.
|
| services.sanoid.templates.<name>.monthly | Number of monthly snapshots.
|
| services.vdirsyncer.jobs.<name>.configFile | existing configuration file
|
| systemd.shutdownRamfs.contents.<name>.source | Path of the source file.
|
| services.drupal.sites.<name>.virtualHost.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.spiped.config.<name>.resolveRefresh | Resolution refresh time for the target socket, in seconds.
|
| services.tahoe.introducers.<name>.tub.port | The port on which the introducer will listen.
|
| systemd.network.networks.<name>.qdiscConfig | Each attribute in this set specifies an option in the
[QDisc] section of the unit
|
| systemd.network.networks.<name>.pfifoConfig | Each attribute in this set specifies an option in the
[PFIFO] section of the unit
|
| systemd.network.networks.<name>.bfifoConfig | Each attribute in this set specifies an option in the
[BFIFO] section of the unit
|
| services.openssh.knownHosts.<name>.publicKey | The public key data for the host
|
| fileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| services.sabnzbd.settings.servers.<name>.displayname | Human-friendly description of the server
|
| services.borgbackup.jobs.<name>.prune.keep | Prune a repository by deleting all archives not matching any of the
specified retention options
|
| services.rsync.jobs.<name>.destination | Destination directory.
|
| systemd.slices.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| systemd.timers.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| services.davis.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.movim.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.slskd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.v4l2-relayd.instances.<name>.enable | Whether to enable this v4l2-relayd instance.
|
| services.httpd.virtualHosts.<name>.forceSSL | Whether to add a separate nginx server block that permanently redirects (301)
all plain HTTP traffic to HTTPS
|
| services.nsd.zones.<name>.dnssecPolicy.algorithm | Which algorithm to use for DNSSEC
|
| services.wstunnel.servers.<name>.listen | Address and port to listen on
|
| services.kanata.keyboards.<name>.config | Configuration other than defcfg
|
| services.wordpress.sites.<name>.poolConfig | Options for the WordPress PHP pool
|
| services.rke2.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| services.grafana.provision.dashboards.settings.providers.*.name | A unique provider name.
|
| services.fedimintd.<name>.nginx.config.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.zoneminder.database.username | Username for accessing the database.
|
| services.radicle.httpd.nginx.locations.<name>.root | Root directory for requests.
|
| services.nsd.zones.<name>.dnssecPolicy.coverage | The length of time to ensure that keys will be correct; no action will be taken to create new keys to be activated after this time.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.filters.*.ports.*.to | The end of the port range, inclusive.
|
| services.buildkite-agents.<name>.enable | Whether to enable this buildkite agent
|
| services.wstunnel.servers.<name>.enableHTTPS | Use HTTPS for the tunnel server.
|
| services.errbot.instances.<name>.plugins | List of errbot plugin derivations.
|
| services.restic.backups.<name>.inhibitsSleep | Prevents the system from sleeping while backing up.
|
| services.fedimintd.<name>.nginx.config.acmeRoot | Directory for the ACME challenge, which is public
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.interface | Optional interface name to restrict outbound IPsec policies.
|
| services.openssh.knownHosts.<name>.extraHostNames | A list of additional host names and/or IP numbers used for
accessing the host's ssh service
|