| services.garage.environmentFile | File containing environment variables to be passed to the Garage server.
|
| services.c2fmzq-server.passphraseFile | Path to file containing the database passphrase
|
| services.openvscode-server.socketPath | The path to a socket file for the server to listen to.
|
| services.code-server.disableFileDownloads | Disable file downloads from Code.
|
| users.extraUsers.<name>.linger | Whether to enable or disable lingering for this user
|
| services.openafsServer.roles.fileserver.salvageserverArgs | Arguments to the salvageserver process
|
| services.thelounge.public | Make your The Lounge instance public
|
| services.strongswan.secrets | A list of paths to IPSec secret files
|
| boot.loader.systemd-boot.memtest86.sortKey | systemd-boot orders the menu entries by their sort keys,
so if you want something to appear after all the NixOS entries,
it should start with o or onwards
|
| services.drupal.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.bookstack.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.ipfs-cluster.secretFile | File containing the cluster secret in the format of EnvironmentFile as described by
systemd.exec(5)
|
| services.clickhouse.serverConfig | Your config.yaml as a Nix attribute set
|
| services.autotierfs.settings | The contents of the configuration file for autotier
|
| services.canaille.jwtPrivateKeyFile | File containing the JWT private key
|
| services.mosquitto.listeners.*.acl | Additional ACL items to prepend to the generated ACL file.
|
| services.oauth2-proxy.tls.certificate | Path to certificate file.
|
| boot.loader.systemd-boot.windows | Make Windows bootable from systemd-boot
|
| services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.system76-scheduler.settings.cfsProfiles.responsive.latency | sched_latency_ns.
|
| services.wyoming.satellite.sounds.done | Path to audio file in WAV format to play when voice command recording has ended.
|
| services.xserver.windowManager.exwm.loadScript | Emacs lisp code to be run after loading the user's init
file.
|
| services.physlock.lockOn.extraTargets | Other targets to lock the screen just before
|
| services.filebeat.settings.output.elasticsearch.hosts | The list of Elasticsearch nodes to connect to
|
| services.plausible.mail.smtp.passwordFile | The path to the file with the password in case SMTP auth is enabled.
|
| networking.nftables.rulesetFile | The ruleset file to be used with nftables
|
| services.memos.environmentFile | The environment file to use when starting Memos.
By default, generated from .
|
| services.rke2.environmentFile | File path containing environment variables for configuring the rke2 service in the format of an EnvironmentFile
|
| services.system76-scheduler.settings.cfsProfiles.responsive.preempt | Preemption mode.
|
| services.forgejo.database.passwordFile | A file containing the password corresponding to
services.forgejo.database.user.
|
| services.redmine.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.system76-scheduler.settings.cfsProfiles.responsive.nr-latency | sched_nr_latency.
|
| services.shiori.environmentFile | Path to file containing environment variables
|
| services.mongodb.initialRootPasswordFile | Path to the file containing the password for the root user if auth is enabled.
|
| services.printing.drivers | CUPS drivers to use
|
| services.matrix-conduit.settings | Generates the conduit.toml configuration file
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.auth_token_file | Optional authentication information for token-based authentication:
https://docs.mesosphere.com/1.11/security/ent/iam-api/#passing-an-authentication-token
It is mutually exclusive with auth_token and other authentication mechanisms.
|
| services.snips-sh.settings | The configuration of snips-sh is done through environment variables,
therefore you must use upper snake case (e.g. SNIPS_HTTP_INTERNAL)
|
| services.zwave-js.settings | Configuration settings for the generated config file
|
| services.castopod.maxUploadSize | Maximum supported size for a file upload in
|
| services.grafana.settings.security.admin_password | Default admin password
|
| systemd.sockets.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.targets.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| environment.unixODBCDrivers | Specifies Unix ODBC drivers to be registered in
/etc/odbcinst.ini
|
| services.slurm.dbdserver.storagePassFile | Path to file with database password
|
| services.gitlab.secrets.otpFile | A file containing the secret used to encrypt secrets for OTP
tokens
|
| services.onlyoffice.jwtSecretFile | Path to a file that contains the secret to sign web requests using JSON Web Tokens
|
| services.athens.index.postgres.password | Password for the Postgres database
|
| services.athens.singleFlight.redis.password | Password for the redis server
|
| services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".live_view.signing_salt | LiveView signing salt
|
| services.inadyn.settings.custom.<name>.include | File to include additional settings for this provider from.
|
| services.misskey.database.passwordFile | The path to a file containing the database password
|
| services.prometheus.exporters.snmp.configurationPath | Path to a snmp exporter configuration file
|
| services.healthchecks.settings | Environment variables which are read by healthchecks (local)_settings.py
|
| services.uwsgi.instance | uWSGI configuration
|
| services.iperf3.authorizedUsersFile | Path to the configuration file containing authorized users credentials to run iperf tests.
|
| services.buildkite-agents.<name>.extraConfig | Extra lines to be added verbatim to the configuration file.
|
| services.postgresql.initialScript | A file containing SQL statements to execute on first startup.
|
| services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.jigasi.componentPasswordFile | Path to file containing component secret.
|
| services.jicofo.componentPasswordFile | Path to file containing component secret.
|
| services.rsyncd.settings.globalSection | global section of an INI file (attrs of INI atom (null, bool, int, float or string))
|
| services.wyoming.satellite.sounds.awake | Path to audio file in WAV format to play when wake word is detected.
|
| services.collectd.validateConfig | Validate the syntax of collectd configuration file at build time
|
| services.grafana.settings.database.path | Only applicable to sqlite3 database
|
| services.reposilite.database.path | Path to the embedded database file
|
| services.whitebophir.enable | Whether to enable whitebophir, an online collaborative whiteboard server (persistent state will be maintained under /var/lib/whitebophir).
|
| services.buildkite-agents.<name>.tokenPath | The token from your Buildkite "Agents" page
|
| services.zabbixProxy.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.caddy.settings | Structured configuration for Caddy to generate a Caddy JSON configuration file
|
| services.prosody.httpFileShare.size_limit | Maximum file size, in bytes.
|
| services.silverbullet.envFile | File containing extra environment variables
|
| services.dex.environmentFile | Environment file (see systemd.exec(5)
"EnvironmentFile=" section for the syntax) to define variables for dex
|
| services.microsocks.authPasswordFile | Path to a file containing the password for authentication.
|
| programs.tsmClient.servers.<name>.inclexcl | Text lines with include.* and exclude.* directives
to be used when sending files to the IBM TSM server,
or an absolute path pointing to a file with such lines.
|
| services.zabbixWeb.nginx.virtualHost.basicAuthFile | Basic Auth password file for a vhost
|
| services.jirafeau.nginxConfig.basicAuthFile | Basic Auth password file for a vhost
|
| environment.profileRelativeSessionVariables | Attribute set of environment variable used in the global
environment
|
| services.pretix.environmentFile | Environment file to pass secret configuration values
|
| services.documize.stateDirectoryName | The name of the directory below /var/lib/private
where documize runs in and stores, for example, backups.
|
| services.schleuder.extraSettingsFile | YAML file to merge into the schleuder config at runtime
|
| virtualisation.xen.qemu.pidFile | Path to the QEMU PID file.
|
| services.dolibarr.database.passwordFile | Database password file.
|
| services.healthchecks.settingsFile | Environment variables which are read by healthchecks (local)_settings.py
|
| systemd.user.sockets.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.user.targets.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.cachix-agent.credentialsFile | Required file that needs to contain CACHIX_AGENT_TOKEN=...
|
| services.pipewire.extraConfig.client | Additional configuration for the PipeWire client library, used by most applications
|
| services.vlagent.remoteWrite.maxDiskUsagePerUrl | The maximum file-based buffer size in bytes
|
| services.netbird.server.coturn.passwordFile | The path to a file containing the password of the user used by netbird to connect to the coturn server.
|
| services.matrix-hookshot.settings.passFile | A passkey used to encrypt tokens stored inside the bridge
|
| services.kimai.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.prometheus.exporters.dnssec.configuration | dnssec exporter configuration as nix attribute set
|
| services.displayManager.dms-greeter.logs.path | File path where DMS greeter logs will be saved
|
| services.cloudlog.database.passwordFile | MySQL user password file.
|
| services.opencloud.settings | Additional YAML configuration for OpenCloud services
|
| services.headscale.settings.derp.paths | List of file paths containing DERP maps
|
| services.wg-access-server.secretsFile | yaml file containing all secrets. this needs to be in the same structure as the configuration
|
| services.headscale.settings.policy.mode | The mode can be "file" or "database" that defines
where the ACL policies are stored and read from.
|
| powerManagement.cpuFreqGovernor | Configure the governor used to regulate the frequency of the
available CPUs
|