| systemd.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| services.wordpress.sites.<name>.plugins | Path(s) to respective plugin(s) which are copied from the 'plugins' directory.
These plugins need to be packaged before use, see example.
|
| users.extraUsers.<name>.expires | Set the date on which the user's account will no longer be
accessible
|
| services.klipper.firmwares.<name>.serial | Path to serial port this printer is connected to
|
| services.firewalld.zones.<name>.sources.*.ipset | An ipset.
|
| services.firewalld.zones.<name>.forwardPorts | Ports to forward in the zone.
|
| services.nginx.virtualHosts.<name>.locations | Declarative location config
|
| services.vault-agent.instances.<name>.package | The vault package to use.
|
| services.vdirsyncer.jobs.<name>.timerConfig | systemd timer configuration
|
| services.tarsnap.archives.<name>.lowmem | Reduce memory consumption by not caching small files
|
| boot.initrd.luks.devices.<name>.gpgCard.gracePeriod | Time in seconds to wait for the GPG Smartcard.
|
| systemd.services.<name>.enableDefaultPath | Whether to append a minimal default PATH environment variable to the service, containing common system utilities.
|
| services.kimai.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.wstunnel.clients.<name>.remoteToLocal | Listen on remote and forwards traffic from local
|
| boot.loader.systemd-boot.windows.<name>.title | The title of the boot menu entry.
|
| security.pam.services.<name>.ttyAudit.enablePattern | For each user matching one of comma-separated
glob patterns, enable TTY auditing
|
| power.ups.ups.<name>.description | Description of the UPS.
|
| services.grafana.provision.alerting.muteTimings.settings.deleteMuteTimes.*.name | Name of the mute time interval, must be unique
|
| services.rshim.device | Specify the device name to attach
|
| security.acme.certs.<name>.enableDebugLogs | Whether to enable debug logging for this certificate.
|
| services.openbao.settings.listener.<name>.type | The listener type to enable.
|
| services.public-inbox.settings.coderepo.<name>.dir | Path to a git repository
|
| systemd.user.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.user.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.user.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.user.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| containers.<name>.bindMounts.<name>.mountPoint | Mount point on the container file system.
|
| services.awstats.configs.<name>.webService.urlPrefix | The URL prefix under which the awstats pages appear.
|
| services.kimai.sites.<name>.database.createLocally | Create the database and database user locally.
|
| services.atalkd.interfaces.<name>.config | Optional configuration string for this interface.
|
| services.honk.username | The admin account username.
|
| services.radicle.httpd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.strongswan-swanctl.swanctl.secrets.ecdsa.<name>.file | File name in the ecdsa folder for which this
passphrase should be used.
|
| services.strongswan-swanctl.swanctl.secrets.pkcs8.<name>.file | File name in the pkcs8 folder for which this
passphrase should be used.
|
| services.drupal.sites.<name>.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| boot.specialFileSystems.<name>.fsType | Type of the file system
|
| systemd.timers.<name>.timerConfig | Each attribute in this set specifies an option in the
[Timer] section of the unit
|
| systemd.services.<name>.stopIfChanged | If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one
|
| services.movim.h2o.serverName | Server name to be used for this virtual host
|
| systemd.sockets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.targets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.postfix.settings.master.<name>.wakeup | Automatically wake up the service after the specified number of
seconds
|
| services.rke2.autoDeployCharts.<name>.version | The version of the Helm chart
|
| services.mpdscribble.endpoints.<name>.username | Username for the scrobble service.
|
| services.caddy.virtualHosts.<name>.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.httpd.virtualHosts.<name>.robotsEntries | Specification of pages to be ignored by web crawlers
|
| services.fedimintd.<name>.p2p.openFirewall | Opens port in firewall for fedimintd's p2p port (both TCP and UDP)
|
| services.httpd.virtualHosts.<name>.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.nginx.virtualHosts.<name>.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| security.pam.services.<name>.duoSecurity.enable | If set, use the Duo Security pam module
pam_duo for authentication
|
| services.prosody.virtualHosts.<name>.ssl.extraOptions | Extra SSL configuration options.
|
| services.quicktun.<name>.remoteAddress | IP address or hostname of the remote end (use 0.0.0.0 for a floating/dynamic remote endpoint).
|
| services.openafsServer.cellServDB.*.dnsname | DNS full-qualified domain name of a database server
|
| services.openafsClient.cellServDB.*.dnsname | DNS full-qualified domain name of a database server
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.filters.*.ports.*.to | The end of the port range, inclusive.
|
| networking.sits.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| systemd.user.timers.<name>.timerConfig | Each attribute in this set specifies an option in the
[Timer] section of the unit
|
| services.jibri.xmppEnvironments.<name>.control.muc.nickname | The nickname for this Jibri instance in the MUC.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.filters.*.ports | Either a single port or port range to allow
|
| systemd.user.sockets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.user.targets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.postfix.masterConfig.<name>.maxproc | The maximum number of processes to spawn for this service
|
| services.btrbk.instances.<name>.settings | configuration options for btrbk
|
| services.fediwall.nginx.locations.<name>.index | Adds index directive.
|
| services.dolibarr.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.kanboard.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.librenms.nginx.locations.<name>.index | Adds index directive.
|
| services.agorakit.nginx.locations.<name>.index | Adds index directive.
|
| services.kanboard.nginx.locations.<name>.index | Adds index directive.
|
| services.fediwall.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.dolibarr.nginx.locations.<name>.index | Adds index directive.
|
| services.librenms.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.agorakit.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.sabnzbd.settings.servers.<name>.enable | Enable this server by default
|
| services.pixelfed.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.pixelfed.nginx.locations.<name>.index | Adds index directive.
|
| services.mainsail.nginx.locations.<name>.index | Adds index directive.
|
| services.mainsail.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.github-runners.<name>.nodeRuntimes | List of Node.js runtimes the runner should support.
|
| security.acme.certs.<name>.listenHTTP | Interface and port to listen on to solve HTTP challenges
in the form [INTERFACE]:PORT
|
| services.firewalld.zones.<name>.forward | Whether to enable intra-zone forwarding
|
| services.vmalert.instances.<name>.rules | A list of the given alerting or recording rules against configured "datasource.url" compatible with
Prometheus HTTP API for vmalert to execute
|
| services.ytdl-sub.instances.<name>.schedule | How often to run ytdl-sub
|
| fileSystems.<name>.encrypted.blkDev | Location of the backing encrypted device.
|
| services.ttyd.username | Username for basic http authentication.
|
| users.ldap.base | The distinguished name of the search base.
|
| services.snapserver.streams.<name>.codec | Default audio compression method.
|
| security.pam.services.<name>.startSession | If set, the service will register a new session with
systemd's login manager
|
| systemd.user.services.<name>.reloadIfChanged | Whether the service should be reloaded during a NixOS
configuration switch if its definition has changed
|
| services.borgbackup.jobs.<name>.extraInitArgs | Additional arguments for borg init
|
| services.mosquitto.bridges.<name>.topics | Topic patterns to be shared between the two brokers
|
| networking.vswitches.<name>.interfaces.<name>.type | Openvswitch type to assign to interface
|
| networking.vswitches.<name>.interfaces.<name>.vlan | Vlan tag to apply to interface
|
| networking.ipips.<name>.local | The address of the local endpoint which the remote
side should send packets to.
|
| services.tahoe.nodes.<name>.client.introducer | The furl for a Tahoe introducer node
|
| services.httpd.virtualHosts.<name>.locations | Declarative location config
|
| services.postfix.settings.master.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|