| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.reqid | Fixed reqid to use for this CHILD_SA
|
| services.firewalld.zones.<name>.interfaces | Interfaces to bind.
|
| services.wyoming.faster-whisper.servers.<name>.device | Determines the platform faster-whisper is run on
|
| services.wordpress.sites.<name>.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.i2pd.outTunnels.<name>.destinationPort | Connect to particular port at destination.
|
| services.nebula.networks.<name>.lighthouse.dns.port | UDP port number for lighthouse DNS server.
|
| power.ups.upsmon.monitor.<name>.powerValue | Number of power supplies that the UPS feeds on this system
|
| systemd.user.targets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.user.sockets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| users.extraUsers.<name>.description | A short description of the user account, typically the
user's full name
|
| services.fcgiwrap.instances.<name>.process.user | User as which this instance of fcgiwrap will be run
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.pubkeys | List of raw public key candidates to use for
authentication
|
| services.davis.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.slskd.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.movim.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.printing.cups-pdf.instances.<name>.confFileText | This will contain the contents of cups-pdf.conf for this instance, derived from settings
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.tryFiles | Adds try_files directive.
|
| systemd.paths.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.radicle.httpd.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.gitlab-runner.services.<name>.debugTraceDisabled | When set to true Runner will disable the possibility of
using the CI_DEBUG_TRACE feature.
|
| networking.vswitches.<name>.interfaces.<name>.type | Openvswitch type to assign to interface
|
| networking.vswitches.<name>.interfaces.<name>.vlan | Vlan tag to apply to interface
|
| services.i2pd.proto.http.hostname | Expected hostname for WebUI.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.query | The SQL query to run.
|
| services.snapper.configs.<name>.TIMELINE_CLEANUP | Defines whether the timeline cleanup algorithm should be run for the config.
|
| services.fedimintd.<name>.nginx.config.locations | Declarative location config
|
| services.jirafeau.nginxConfig.locations.<name>.alias | Alias directory for requests.
|
| services.jirafeau.nginxConfig.locations.<name>.index | Adds index directive.
|
| security.auditd.plugins.<name>.path | This is the absolute path to the plugin executable.
|
| services.postfix.masterConfig.<name>.privileged | |
| services.bacula-sd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.bacula-fd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.grafana.provision.alerting.contactPoints.settings.contactPoints.*.name | Name of the contact point
|
| systemd.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| systemd.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| services.wordpress.sites.<name>.virtualHost.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| security.pam.services.<name>.allowNullPassword | Whether to allow logging into accounts that have no password
set (i.e., have an empty password field in
/etc/passwd or
/etc/group)
|
| services.autosuspend.checks.<name>.enabled | Whether to enable this activity check.
|
| services.keepalived.vrrpScripts.<name>.timeout | Seconds after which script is considered to have failed.
|
| services.firewalld.zones.<name>.masquerade | Whether to enable masquerading in the zone.
|
| boot.initrd.luks.devices.<name>.yubikey.slot | Which slot on the YubiKey to challenge.
|
| networking.fooOverUDP.<name>.local.dev | Network device to bind to.
|
| services.tor.relay.onionServices.<name>.authorizeClient.clientNames | Only clients that are listed here are authorized to access the hidden service
|
| services.namecoind.rpc.port | Port the RPC server will bind to.
|
| users.extraUsers.<name>.expires | Set the date on which the user's account will no longer be
accessible
|
| services.firezone.server.provision.accounts.<name>.policies | All policies to provision
|
| services.pgbackrest.repos.<name>.sftp-private-key-file | SFTP private key file
|
| services.fedimintd.<name>.nginx.config.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.ipcomp | Enable IPComp compression before encryption
|
| services.snipe-it.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_HOURLY | Limits for timeline cleanup.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_YEARLY | Limits for timeline cleanup.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_WEEKLY | Limits for timeline cleanup.
|
| services.mosquitto.bridges.<name>.addresses | Remote endpoints for the bridge.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.readBuckets | The organization's buckets which should be allowed to be read
|
| services.consul-template.instances.<name>.enable | Whether to enable this consul-template instance.
|
| services.dolibarr.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.librenms.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.kanboard.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.fediwall.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.bookstack.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.agorakit.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.mainsail.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.pixelfed.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.wordpress.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.tarsnap.archives.<name>.cachedir | The cache allows tarsnap to identify previously stored data
blocks, reducing archival time and bandwidth usage
|
| security.acme.certs.<name>.extraLegoRunFlags | Additional flags to pass to lego run.
|
| systemd.user.units.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.user.paths.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.httpd.virtualHosts.<name>.listenAddresses | Listen addresses for this virtual host
|
| services.anuko-time-tracker.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.anuko-time-tracker.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.samba-wsdd.hostname | Override (NetBIOS) hostname to be used (default hostname).
|
| systemd.user.paths.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.tor.relay.onionServices.<name>.settings.RendPostPeriod | See torrc manual.
|
| services.borgbackup.jobs.<name>.failOnWarnings | Fail the whole backup job if any borg command returns a warning
(exit code 1), for example because a file changed during backup.
|
| boot.loader.grub.users.<name>.password | Specifies the clear text password for the account
|
| services.v4l2-relayd.instances.<name>.extraPackages | Extra packages to add to GST_PLUGIN_PATH for the instance.
|
| services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|
| systemd.sockets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.targets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| boot.specialFileSystems.<name>.fsType | Type of the file system
|
| systemd.timers.<name>.timerConfig | Each attribute in this set specifies an option in the
[Timer] section of the unit
|
| services.borgbackup.repos.<name>.allowSubRepos | Allow clients to create repositories in subdirectories of the
specified path
|
| services.openbao.settings.listener.<name>.address | The TCP address or UNIX socket path to listen on.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.operator | Grants all permissions in all organizations.
|
| services.librenms.database.username | Name of the user on the MySQL/MariaDB server
|
| services.github-runners.<name>.tokenFile | The full path to a file which contains either
- a fine-grained personal access token (PAT),
- a classic PAT
- or a runner registration token
Changing this option or the tokenFile’s content triggers a new runner registration
|
| networking.sits.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| services.syncthing.settings.folders.<name>.path | The path to the folder which should be shared
|
| services.snapserver.streams.<name>.sampleFormat | Default sample format.
|
| services.armagetronad.servers.<name>.dns | DNS address to use for this server
|
| services.invoiceplane.sites.<name>.enable | Whether to enable InvoicePlane web application.
|
| services.jirafeau.nginxConfig.locations.<name>.tryFiles | Adds try_files directive.
|
| services.cjdns.ETHInterface.connectTo.<name>.password | Authorized password to the opposite end of the tunnel.
|
| services.cjdns.UDPInterface.connectTo.<name>.password | Authorized password to the opposite end of the tunnel.
|
| services.reposilite.database.dbname | Database name.
|
| services.wordpress.sites.<name>.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|