| services.vmalert.instances.<name>.enable | Wether to enable VictoriaMetrics's vmalert.
vmalert evaluates alerting and recording rules against a data source, sends notifications via Alertmanager.
|
| services.gitlab-runner.services.<name>.postBuildScript | Runner-specific command script executed after code is pulled
and just after build executes.
|
| services.syncoid.commands.<name>.sendOptions | Advanced options to pass to zfs send
|
| services.syncoid.commands.<name>.recvOptions | Advanced options to pass to zfs recv
|
| services.firezone.server.provision.accounts.<name>.actors | All actors (users) to provision
|
| services.radicle.httpd.nginx.locations.<name>.index | Adds index directive.
|
| services.radicle.httpd.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.postfix.settings.master.<name>.wakeup | Automatically wake up the service after the specified number of
seconds
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.id | A unique identifier for this authentication token
|
| services.restic.backups.<name>.initialize | Create the repository if it doesn't exist.
|
| services.easytier.instances.<name>.extraArgs | Extra args append to the easytier command-line.
|
| services.logrotate.settings.<name>.enable | Whether to enable setting individual kill switch.
|
| security.pam.services.<name>.kwallet.enable | If enabled, pam_wallet will attempt to automatically unlock the
user's default KDE wallet upon login
|
| security.pam.services.<name>.duoSecurity.enable | If set, use the Duo Security pam module
pam_duo for authentication
|
| services.borgbackup.jobs.<name>.extraPruneArgs | Additional arguments for borg prune
|
| services.firewalld.zones.<name>.ports.*.protocol | |
| services.dokuwiki.sites.<name>.settings | Structural DokuWiki configuration
|
| services.github-runners.<name>.noDefaultLabels | Disables adding the default labels
|
| security.acme.certs.<name>.server | ACME Directory Resource URI
|
| services.honk.username | The admin account username.
|
| security.wrappers.<name>.setgid | Whether to add the setgid bit the wrapper program.
|
| security.wrappers.<name>.setuid | Whether to add the setuid bit the wrapper program.
|
| users.extraUsers.<name>.isNormalUser | Indicates whether this is an account for a “real” user
|
| services.gitlab-runner.services.<name>.dockerPullPolicy | Default pull-policy for Docker images
|
| systemd.network.networks.<name>.fairQueueingControlledDelayConfig | Each attribute in this set specifies an option in the
[FairQueueingControlledDelay] section of the unit
|
| services.roundcube.database.dbname | Name of the postgresql database
|
| services.nominatim.database.dbname | Name of the postgresql database.
|
| services.tahoe.nodes.<name>.client.introducer | The furl for a Tahoe introducer node
|
| services.jupyterhub.kernels.<name>.logo32 | Path to 32x32 logo png.
|
| services.jupyterhub.kernels.<name>.logo64 | Path to 64x64 logo png.
|
| services.tinc.networks.<name>.ed25519PrivateKeyFile | Path of the private ed25519 keyfile.
|
| services.ghostunnel.servers.<name>.allowAll | If true, allow all clients, do not check client cert subject.
|
| networking.supplicant.<name>.bridge | Name of the bridge interface that wpa_supplicant should listen at.
|
| services.znc.confOptions.networks.<name>.channels | IRC channels to join.
|
| services.rke2.manifests.<name>.content | Content of the manifest file
|
| services.biboumi.settings.db_name | The name of the database to use
|
| services.openvpn.servers.<name>.authUserPass | This option can be used to store the username / password credentials
with the "auth-user-pass" authentication method
|
| services.davis.nginx.serverName | Name of this virtual host
|
| services.movim.nginx.serverName | Name of this virtual host
|
| services.slskd.nginx.serverName | Name of this virtual host
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.eap_id | Identity to use as peer identity during EAP authentication
|
| programs.dms-shell.plugins.<name>.enable | Whether to enable this plugin
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.xauth_id | Client XAuth username used in the XAuth exchange.
|
| services.borgbackup.jobs.<name>.privateTmp | Set the PrivateTmp option for
the systemd-service
|
| services.wstunnel.servers.<name>.restrictTo.*.port | The port.
|
| services.wstunnel.servers.<name>.restrictTo.*.host | The hostname.
|
| services.firewalld.zones.<name>.protocols | Protocols to allow in the zone.
|
| services.zeronsd.servedNetworks.<name>.package | The zeronsd package to use.
|
| services.strongswan-swanctl.swanctl.secrets.pkcs12.<name>.file | File name in the pkcs12 folder for which this
passphrase should be used.
|
| services.gitlab-runner.services.<name>.executor | Select executor, eg. shell, docker, etc
|
| services.fluidd.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.gancio.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.akkoma.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.fedimintd.<name>.nginx.config.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.matomo.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.monica.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.postfix.settings.master.<name>.chroot | Whether the service is chrooted to have only access to the
services.postfix.queueDir and the closure of
store paths specified by the program option.
|
| services.firewalld.zones.<name>.forwardPorts.*.to-addr | Destination IP address.
|
| services.borgbackup.jobs.<name>.prune.prefix | Only consider archive names starting with this prefix for pruning
|
| services.blockbook-frontend.<name>.enable | Whether to enable blockbook-frontend application.
|
| services.strongswan-swanctl.swanctl.connections.<name>.pools | List of named IP pools to allocate virtual IP addresses
and other configuration attributes from
|
| services.firewalld.services.<name>.sourcePorts.*.port | |
| users.extraUsers.<name>.isSystemUser | Indicates if the user is a system user or not
|
| services.borgbackup.jobs.<name>.dumpCommand | Backup the stdout of this program instead of filesystem paths
|
| services.ttyd.username | Username for basic http authentication.
|
| services.httpd.virtualHosts.<name>.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.fediwall.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.dolibarr.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.anuko-time-tracker.nginx.locations.<name>.root | Root directory for requests.
|
| services.agorakit.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.kanboard.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.librenms.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.mainsail.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.pixelfed.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.vdirsyncer.jobs.<name>.config.statusPath | vdirsyncer's status path
|
| services.blockbook-frontend.<name>.coinName | See https://github.com/trezor/blockbook/blob/master/bchain/coins/blockchain.go#L61
for current of coins supported in master (Note: may differ from release).
|
| services.radicle.httpd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.jibri.xmppEnvironments.<name>.control.login.username | User part of the JID.
|
| boot.initrd.luks.devices.<name>.yubikey | The options to use for this LUKS device in YubiKey-PBA
|
| services.tarsnap.archives.<name>.includes | Include only files and directories matching these
patterns (the empty list includes everything)
|
| services.mautrix-meta.instances.<name>.enable | Whether to enable Mautrix-Meta, a Matrix <-> Facebook and Matrix <-> Instagram hybrid puppeting/relaybot bridge.
|
| services.bepasty.servers.<name>.secretKeyFile | A file that contains the server secret for safe session cookies, must be set.
secretKeyFile takes precedence over secretKey
|
| services.consul-template.instances.<name>.user | User under which this instance runs.
|
| environment.etc.<name>.mode | If set to something else than symlink,
the file is copied instead of symlinked, with the given
file mode.
|
| services.ghostunnel.servers.<name>.listen | Address and port to listen on (can be HOST:PORT, unix:PATH).
|
| services.ghostunnel.servers.<name>.target | Address to forward connections to (can be HOST:PORT or unix:PATH).
|
| security.acme.certs.<name>.listenHTTP | Interface and port to listen on to solve HTTP challenges
in the form [INTERFACE]:PORT
|
| services.openvpn.servers.<name>.authUserPass.password | The password to store inside the credentials file.
|
| services.fcgiwrap.instances.<name>.socket.type | Socket type: 'unix', 'tcp' or 'tcp6'.
|
| services.fcgiwrap.instances.<name>.socket.user | User to be set as owner of the UNIX socket.
|
| services.v4l2-relayd.instances.<name>.output.format | The video-format to write to output-stream.
|
| services.znc.confOptions.networks.<name>.password | IRC server password, such as for a Slack gateway.
|
| services.orangefs.server.fileSystems.<name>.troveSyncData | Sync data.
|
| services.vdirsyncer.jobs.<name>.config.general | general configuration
|
| services.drupal.sites.<name>.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.blockbook-frontend.<name>.public | Public http server binding [address]:port.
|
| services.firewalld.services.<name>.includes | Services to include for the service.
|
| services.restic.backups.<name>.createWrapper | Whether to generate and add a script to the system path, that has the same environment variables set
as the systemd service
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.allAccess | Grants all permissions in the associated organization.
|
| networking.bridges.<name>.rstp | Whether the bridge interface should enable rstp.
|