| services.swapspace.settings.freetarget | Percentage of free space swapspace should aim for when adding swapspace
|
| services.wgautomesh.settings.peers.*.endpoint | Bootstrap endpoint for connecting to this Wireguard peer if no
other address is known or none are working.
|
| services.wgautomesh.settings.interface | Wireguard interface to manage (it is NOT created by wgautomesh, you
should use another NixOS option to create it such as
networking.wireguard.interfaces.wg0 = {...};).
|
| virtualisation.xen.store.settings | The OCaml-based Xen Store Daemon configuration
|
| services.grafana.provision.alerting.rules.settings.deleteRules | List of alert rule UIDs that should be deleted.
|
| services.immichframe.settings.Accounts | Accounts configuration, multiple are permitted
|
| services.geoipupdate.settings.LicenseKey | A file containing the MaxMind license key
|
| services.bonsaid.settings.*.event_name | Name of the event which should trigger this transition when received by bonsaid
|
| services.dependency-track.settings."alpine.oidc.enabled" | Defines if OpenID Connect will be used for user authentication
|
| services.maubot.settings.server.ui_base_path | The base path for the UI.
|
| services.tor.settings.AuthDirHasIPv6Connectivity | See torrc manual.
|
| services.canaille.settings.CANAILLE_SQL.DATABASE_URI | The SQL server URI
|
| programs.ryzen-monitor-ng.enable | Whether to enable ryzen_monitor_ng, a userspace application for setting and getting Ryzen SMU (System Management Unit) parameters via the ryzen_smu kernel driver
|
| virtualisation.xen.store.settings.quota.maxEntity | Entity limit for transactions.
|
| services.sourcehut.settings."meta.sr.ht::billing".stripe-secret-key | An absolute file path (which should be outside the Nix-store)
to a secret key for Stripe
|
| programs.captive-browser.enable | Whether to enable captive browser, a dedicated Chrome instance to log into captive portals without messing with DNS settings.
|
| services.sourcehut.settings.webhooks.private-key | An absolute file path (which should be outside the Nix-store)
to a base64-encoded Ed25519 key for signing webhook payloads
|
| services.moosefs.cgiserver.settings.GUISERV_LISTEN_PORT | Port for GUI server to listen on.
|
| services.draupnir.settings.rawHomeserverUrl | Public base URL of the Matrix homeserver that provides the Client-Server API when using the Draupnir's
Report forwarding feature.
When using Pantalaimon, do not set this to the Pantalaimon URL!
|
| services.adguardhome.settings | AdGuard Home configuration
|
| services.wstunnel.servers.<name>.settings.restrict-to.*.host | The hostname.
|
| services.wstunnel.servers.<name>.settings.restrict-to.*.port | The port.
|
| services.slskd.settings.global.download.speed_limit | Total upload download limit
|
| services.suricata.settings.logging.default-output-filter | A regex to filter output
|
| services.nvme-rs.settings.email.smtp_username | SMTP username
|
| services.anubis.instances.<name>.settings.BIND_NETWORK | The network family that Anubis should bind to
|
| services.minidlna.settings.enable_tivo | Support for streaming .jpg and .mp3 files to a TiVo supporting HMO.
|
| services.nextcloud-spreed-signaling.settings.nats.url | URL of one or more NATS backends to use
|
| services.epgstation.settings.mirakurunPath | URL to connect to Mirakurun.
|
| services.opensearch.settings."discovery.type" | The type of discovery to use.
|
| services.grafana-image-renderer.settings.rendering.args | List of CLI flags passed to chromium.
|
| services.listmonk.database.settings.smtp.*.max_conns | Maximum number of simultaneous connections, defaults to 1
|
| services.mautrix-discord.settings.homeserver | fullDataDiration
|
| services.vault-agent.instances.<name>.settings.pid_file | Path to use for the pid file.
|
| services.anubis.instances.<name>.settings.SERVE_ROBOTS_TXT | Whether to serve a default robots.txt that denies access to common AI bots by name and all other
bots by wildcard.
|
| services.rosenpass.settings.public_key | Path to a file containing the public key of the local Rosenpass peer
|
| services.rosenpass.settings.secret_key | Path to a file containing the secret key of the local Rosenpass peer
|
| services.litellm.settings.litellm_settings | LiteLLM Module settings
|
| services.litellm.settings.general_settings | LiteLLM Server settings
|
| services.waagent.settings.Provisioning.Agent | Which provisioning agent to use.
|
| services.consul-template.instances.<name>.settings | Free-form settings written directly to the config.json file
|
| services.syncthing.settings.options.localAnnouncePort | The port on which to listen and send IPv4 broadcast announcements to.
|
| services.pretix.settings.pretix.registration | Whether to allow registration of new admin users.
|
| services.moosefs.cgiserver.settings.GUISERV_LISTEN_HOST | IP address to bind GUI server to (* means any).
|
| services.homebridge.settings.platforms.*.name | Name of the platform
|
| services.glitchtip.settings.GLITCHTIP_DOMAIN | The URL under which GlitchTip is externally reachable.
|
| services.opensearch.settings."transport.port" | The port to listen on for transport traffic.
|
| services.tor.settings.PublishHidServDescriptors | See torrc manual.
|
| services.tor.settings.MaxAdvertisedBandwidth | See torrc manual.
|
| services.ocsinventory-agent.settings.debug | Whether to enable debug mode.
|
| services.mautrix-meta.instances.<name>.settings | config.yaml configuration as a Nix attribute set
|
| services.mautrix-discord.settings.appservice | Appservice configuration
|
| services.bitmagnet.settings.http_server.port | HTTP server listen port
|
| services.grafana.settings.server.enable_gzip | Set this option to true to enable HTTP compression, this can improve transfer speed and bandwidth utilization
|
| services.transmission.settings.umask | Sets transmission's file mode creation mask
|
| services.dependency-track.settings."alpine.database.url" | Specifies the JDBC URL to use when connecting to the database.
|
| services.pretalx.settings.files.upload_limit | Maximum file upload size in MiB.
|
| services.printing.cups-pdf.instances.<name>.settings.GhostScript | location of GhostScript binary
|
| virtualisation.cri-o.settings | Configuration for cri-o, see
https://github.com/cri-o/cri-o/blob/master/docs/crio.conf.5.md.
|
| services.grafana.provision.alerting.rules.settings.deleteRules.*.uid | Unique identifier for the rule
|
| services.hercules-ci-agent.settings.clusterJoinTokenPath | Location of the cluster-join-token.key file
|
| services.tor.settings.FetchUselessDescriptors | See torrc manual.
|
| services.authelia.instances.<name>.settings | Your Authelia config.yml as a Nix attribute set
|
| services.sourcehut.settings."hg.sr.ht".connection-string | SQLAlchemy connection string for the database.
|
| services.dendrite.settings.media_api.base_path | Storage path for uploaded media.
|
| services.sabnzbd.settings.misc.email_endjob | Whether to send emails on job completion
|
| networking.networkmanager.ensureProfiles.profiles | Declaratively define NetworkManager profiles
|
| services.matrix-appservice-irc.settings.database | Configuration for the database
|
| services.wstunnel.servers.<name>.settings.restrict-to | Restrictions on the connections that the server will accept
|
| services.vault-agent.instances.<name>.settings.template | Template section of vault-agent
|
| services.journald.upload.settings.Upload.NetworkTimeoutSec | When network connectivity to the server is lost, this option
configures the time to wait for the connectivity to get restored
|
| services.grafana.provision.alerting.rules.settings.deleteRules.*.orgId | Organization ID, default = 1
|
| services.spacecookie.settings.hostname | The hostname the service is reachable via
|
| services.headscale.settings.dns.nameservers.global | List of nameservers to pass to Tailscale clients.
|
| services.suwayomi-server.settings.server.extensionRepos | URL of repositories from which the extensions can be installed.
|
| services.stash.settings.stash.*.excludeimage | Whether to exclude image files from being scanned into Stash
|
| services.stash.settings.stash.*.excludevideo | Whether to exclude video files from being scanned into Stash
|
| services.nncp.daemon.socketActivation.listenStreams | TCP sockets to bind to
|
| services.syncthing.settings.folders.<name>.devices | The devices this folder should be shared with
|
| services.lldap.settings.ldap_user_pass | Password for default admin password
|
| services.veilid.settings.core.capabilities.disable | A list of capabilities to disable (for example, DHTV to say you cannot store DHT information).
|
| services.taler.exchange.settings.exchange.CURRENCY_ROUND_UNIT | Smallest amount in this currency that can be transferred using the underlying RTGS
|
| services.nezha-agent.settings.report_delay | The interval between system status reportings
|
| services.tor.settings.ExitPolicyRejectLocalInterfaces | See torrc manual.
|
| services.tor.settings.ConnDirectionStatistics | See torrc manual.
|
| services.firewalld.settings.NftablesTableOwner | If enabled, the generated nftables rule set will be owned exclusively by firewalld
|
| services.nextcloud-spreed-signaling.settings.https.key | Path to the private key used for the HTTPS listener
|
| services.sourcehut.settings."hub.sr.ht".connection-string | SQLAlchemy connection string for the database.
|
| services.sourcehut.settings."git.sr.ht".connection-string | SQLAlchemy connection string for the database.
|
| services.sourcehut.settings."man.sr.ht".connection-string | SQLAlchemy connection string for the database.
|
| services.limesurvey.nginx.virtualHost.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.dependency-track.settings."alpine.oidc.teams.default" | Defines one or more team names that auto-provisioned OIDC users shall be added to
|
| services.prometheus.exporters.fritz.settings.devices | Fritz!-devices to monitor using the exporter.
|
| services.anuko-time-tracker.settings.defaultLanguage | Defines Anuko Time Tracker default language
|
| services.listmonk.database.settings.messengers | List of messengers, see: https://github.com/knadh/listmonk/blob/master/models/settings.go#L64-L74 for options.
|
| services.grafana-image-renderer.settings.rendering.width | Width of the PNG used to display the alerting graph.
|
| services.suwayomi-server.settings.server.basicAuthPasswordFile | The password file containing the value that you have to provide when authenticating.
|
| services.tinc.networks.<name>.hostSettings.<name>.settings | Configuration for this host
|
| services.matrix-appservice-irc.settings.ircService.mediaProxy.bindPort | Port that the media proxy binds to.
|
| services.sourcehut.settings."builds.sr.ht::worker".buildlogs | Path to write build logs.
|