| services.librenms.database.createLocally | Whether to create a local database automatically.
|
| environment.wvdial.dialerDefaults | Contents of the "Dialer Defaults" section of
/etc/wvdial.conf.
|
| services.croc.debug | Whether to enable debug logs.
|
| services.diod.exportall | Export all file systems listed in /proc/mounts
|
| services.ebusd.mqtt.enable | Whether to enable support for MQTT.
|
| services.gitlab-runner.services.<name>.registrationConfigFile | Absolute path to a file with environment variables
used for gitlab-runner registration with runner registration
tokens
|
| services.keybase.enable | Whether to start the Keybase service.
|
| services.jenkins.group | If the default user "jenkins" is configured then this is the primary
group of that user.
|
| services.borgbackup.repos.<name>.quota | Storage quota for the repository
|
| networking.wireless.networks.<name>.bssid | If set, this network block is used only when associating with
the AP using the configured BSSID.
|
| services.dependency-track.settings."alpine.data.directory" | Defines the path to the data directory
|
| services.dgraph.alpha.host | The host which dgraph alpha will be run on.
|
| services.agorakit.nginx.default | Makes this vhost the default.
|
| services.h2o.package | The h2o package to use.
|
| services.guix.substituters.urls | A list of substitute servers' URLs for the Guix daemon to download
substitutes from.
|
| security.sudo.keepTerminfo | Whether to preserve the TERMINFO and TERMINFO_DIRS
environment variables, for root and the wheel group.
|
| services.cryptpad.settings.logToStdout | Controls whether log output should go to stdout of the systemd service
|
| services.geoclue2.enable3G | Whether to enable 3G source.
|
| boot.supportedFilesystems | Names of supported filesystem types, or an attribute set of file system types
and their state
|
| services.bacula-fd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| programs.gamescope.package | The gamescope package to use.
|
| services.firezone.server.domain.package | The firezone-server-domain package to use.
|
| services.hadoop.hdfs.namenode.enable | Whether to enable HDFS NameNode.
|
| services.ipfs-cluster.enable | Whether to enable Pinset orchestration for IPFS - requires ipfs daemon to be useful.
|
| services.amule.dataDir | Directory holding configuration and by default also incoming and temporary files
|
| services.druid.log4j | Log4j Configuration for the druid process
|
| services.ferretdb.settings | Additional configuration for FerretDB, see
https://docs.ferretdb.io/configuration/flags/
for supported values.
|
| services.icingaweb2.generalConfig | config.ini contents
|
| services.keter.globalKeterConfig | Global config for keter, see https://github.com/snoyberg/keter/blob/master/etc/keter-config.yaml for reference
|
| services.ergo.testnet | Connect to testnet network instead of the default mainnet.
|
| services.cross-seed.settings.linkDirs | List of directories where cross-seed will create links
|
| programs.weylus.package | The weylus package to use.
|
| services.librechat.package | The librechat package to use.
|
| services.gitlab.sidekiq.memoryKiller.shutdownWait | The time allowed for all jobs to finish before Sidekiq is
killed forcefully.
|
| services.jibri.xmppEnvironments | XMPP servers to connect to.
|
| services.homed.promptOnFirstBoot | Whether to enable interactively prompting for user creation on first boot
.
|
| networking.ucarp.srcIp | Source (real) IP address of this host.
|
| services.bacula-sd.enable | Whether to enable Bacula Storage Daemon.
|
| services.g810-led.package | The g810-led package to use.
|
| services.agorakit.nginx.sslCertificate | Path to server SSL certificate.
|
| networking.firewall.filterForward | Enable filtering in IP forwarding
|
| services.bepasty.servers.<name>.defaultPermissions | default permissions for all unauthenticated accesses.
|
| services.jack.loopback.index | Index of an ALSA loopback device.
|
| services.lemmy.ui.port | Port where lemmy-ui should listen for incoming requests.
|
| services.cjdns.extraConfig | Extra configuration, given as attrs, that will be merged recursively
with the rest of the JSON generated by this module, at the root node.
|
| services.borgbackup.jobs.<name>.prune.prefix | Only consider archive names starting with this prefix for pruning
|
| services.headscale.settings.ephemeral_node_inactivity_timeout | Time before an inactive ephemeral node is deleted.
|
| services.chhoto-url.settings.slug_length | The length of auto-generated slugs.
|
| services.jitsi-meet.jigasi.enable | Whether to enable jigasi instance and configure it to connect to Prosody
|
| services.dovecot2.mailUser | Default user to store mail for virtual users.
|
| hardware.sata.timeout.drives.*.idBy | The method to identify the drive.
|
| services.activemq.extraJavaOptions | Add extra options here that you want to be sent to the
Java runtime when the broker service is started.
|
| services.i2pd.inTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| services.avahi.publish.enable | Whether to allow publishing in general.
|
| services.beesd.filesystems | BTRFS filesystems to run block-level deduplication on.
|
| services.hickory-dns.settings.zones.*.zone_type | One of:
- "Primary" (the master, authority for the zone).
- "Secondary" (the slave, replicated from the primary).
- "External" (a cached zone that queries other nameservers)
|
| services.bird-lg.frontend.navbar.allServersURL | URL of 'All servers' button.
|
| services.epmd.listenStream | the listenStream used by the systemd socket.
see https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream= for more information.
use this to change the port epmd will run on.
if not defined, epmd will use "[::]:4369"
|
| hardware.rasdaemon.extraModules | extra kernel modules to load
|
| security.acme.certs.<name>.csrKey | Path to the private key to the matching certificate signing request.
|
| services.i2pd.ssu | Whether to enable ssu.
|
| services.cassandra.extraEnvSh | Extra shell lines to be appended onto cassandra-env.sh.
|
| services.dependency-track.oidc.loginButtonText | Defines the scopes to request for OpenID Connect
|
| services.cloudflared.enable | Whether to enable Cloudflare Tunnel client daemon (formerly Argo Tunnel).
|
| services.filebeat.package | The filebeat package to use.
|
| boot.initrd.kernelModules | Set of modules that are always loaded by the initrd
|
| services.headscale.settings.database.type | Database engine to use
|
| services.grafana.settings.security.csrf_trusted_origins | List of additional allowed URLs to pass by the CSRF check
|
| services.https-dns-proxy.provider.kind | The upstream provider to use or custom in case you do not trust any of
the predefined providers or just want to use your own
|
| services.jitsi-videobridge.xmppConfigs.<name>.hostName | Hostname of the XMPP server to connect to
|
| boot.initrd.network.ssh.enable | Start SSH service during initrd boot
|
| programs.tmux.reverseSplit | Reverse the window split shortcuts.
|
| services.cyrus-imap.cyrusSettings.SERVICES | This section is the heart of the cyrus.conf file
|
| services.c2fmzq-server.settings.verbose | The level of logging verbosity: 1:Error 2:Info 3:Debug
|
| services.knot-resolver.managerPackage | The knot-resolver-manager_6 package to use.
|
| services.dendrite.loadCredential | This can be used to pass secrets to the systemd service without adding them to
the nix store
|
| programs.coolercontrol.enable | Whether to enable CoolerControl GUI & its background services.
|
| services.i2pd.outTunnels.<name>.inbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.ananicy.extraRules | Rules to write in 'nixRules.rules'
|
| programs.tsmClient.servers.<name>.servername | Local name of the IBM TSM server,
must not contain space or more than 64 chars.
|
| programs.tsmClient.servers.<name>.passworddir | Directory that holds the TSM
node's password information.
|
| networking.interfaces.<name>.wakeOnLan.policy | The Wake-on-LAN policy
to set for the device
|
| services.ferm.package | The ferm package to use.
|
| services.hddfancontrol.settings.<drive-bay-name>.disks | Drive(s) to get temperature from
Can also use command substitution to automatically grab all matching drives; such as all scsi (sas) drives
|
| hardware.ubertooth.enable | Whether to enable Ubertooth software and its udev rules.
|
| services.bcg.mqtt.username | MQTT server access username.
|
| programs.firefox.preferences | Preferences to set from about:config
|
| services.firezone.server.openClusterFirewall | Opens up the erlang distribution port of all enabled components to
allow reaching the server cluster from the internet
|
| services.bitcoind.<name>.rpc.users.<name>.passwordHMAC | Password HMAC-SHA-256 for JSON-RPC connections
|
| hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| services.kanboard.nginx.listenAddresses | Listen addresses for this virtual host
|
| services.etcd.peerKeyFile | Key file to use for peer to peer communication
|
| services.goss.environment | Environment variables to set for the goss service
|
| services.hadoop.yarn.nodemanager.restartIfChanged | Automatically restart the service on config change
|
| services.firefly-iii-data-importer.user | User account under which firefly-iii-data-importer runs.
|
| services.gitea.database.user | Database user.
|
| services.bookstack.settings.DB_PASSWORD_FILE | The file containing your mysql/mariadb database password.
|
| security.loginDefs.settings.TTYGROUP | The terminal permissions: the login tty will be owned by the TTYGROUP group,
and the permissions will be set to TTYPERM
|
| security.ipa.basedn | Base DN to use when performing LDAP operations.
|
| services.fediwall.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|