| services.tor.settings.ConnDirectionStatistics | See torrc manual.
|
| services.tor.settings.ExitPolicyRejectLocalInterfaces | See torrc manual.
|
| services.matrix-continuwuity.settings | Generates the continuwuity.toml configuration file
|
| security.pam.u2f.settings.origin | By default pam-u2f module sets the origin
to pam://$HOSTNAME
|
| services.sourcehut.settings."meta.sr.ht::api".internal-ipnet | Set of IP subnets which are permitted to utilize internal API
authentication
|
| services.geoipupdate.settings.LicenseKey | A file containing the MaxMind license key
|
| services.rosenpass.settings.public_key | Path to a file containing the public key of the local Rosenpass peer
|
| services.rosenpass.settings.secret_key | Path to a file containing the secret key of the local Rosenpass peer
|
| services.etebase-server.settings.global.media_root | The media directory.
|
| services.suricata.settings.vars.address-groups.MODBUS_SERVER | MODBUS_SERVER variable.
|
| services.suricata.settings.vars.address-groups.MODBUS_CLIENT | MODBUS_CLIENT variable
|
| services.matrix-synapse.settings.listeners.*.path | Unix domain socket path to bind this listener to.
|
| services.stash.settings.stash.*.excludevideo | Whether to exclude video files from being scanned into Stash
|
| services.stash.settings.stash.*.excludeimage | Whether to exclude image files from being scanned into Stash
|
| services.wstunnel.clients.<name>.enable | Whether to enable this wstunnel instance.
|
| services.wstunnel.servers.<name>.enable | Whether to enable this wstunnel instance.
|
| services.stash.settings.blobs_storage | Where to store blobs
|
| services.stash.settings.scrapers_path | Path to scrapers
|
| services.slskd.settings.global.upload.speed_limit | Total upload speed limit.
|
| services.invoiceplane.sites.<name>.settings | Structural InvoicePlane configuration
|
| services.nextcloud-spreed-signaling.settings | Declarative configuration
|
| services.suricata.settings.logging.outputs.syslog.format | Logformat for logs send to syslog.
|
| services.suricata.settings.logging.outputs.syslog.enable | Whether to enable logging to syslog.
|
| services.tor.settings.GuardfractionFile | See torrc manual.
|
| services.grafana.settings.security.admin_user | Default admin username.
|
| services.filesender.localDomain | The domain serving your FileSender instance.
|
| services.kerberos_server.settings | Settings for the kerberos server of choice
|
| security.pam.sshAgentAuth.enable | Whether to enable authenticating using a signature performed by the ssh-agent
|
| services.nezha-agent.settings.report_delay | The interval between system status reportings
|
| services.suricata.settings.dpdk | Data Plane Development Kit is a framework for fast packet processing in data plane applications running on a wide variety of CPU architectures
|
| services.headscale.settings.database.postgres.name | Database name.
|
| services.headscale.settings.database.postgres.user | Database user.
|
| services.sftpgo.settings.webdavd.bindings.*.address | Network listen address
|
| services.draupnir.settings.rawHomeserverUrl | Public base URL of the Matrix homeserver that provides the Client-Server API when using the Draupnir's
Report forwarding feature.
When using Pantalaimon, do not set this to the Pantalaimon URL!
|
| services.slskd.settings.soulseek.listen_port | The port on which to listen for incoming connections.
|
| services.slskd.settings.soulseek.description | The user description for the Soulseek network.
|
| services.warpgate.settings.mysql.certificate | Path to MySQL listener certificate.
|
| services.ncps.cache.redis.addresses | A list of host:port for the Redis servers that are part of a cluster
|
| services.netbird.server.dashboard.settings | An attribute set that will be used to substitute variables when building the dashboard
|
| services.spacecookie.settings.hostname | The hostname the service is reachable via
|
| services.suricata.settings.logging.default-log-format | The default output format
|
| services.syncthing.settings.options.relaysEnabled | When true, relays will be connected to and potentially used for device to device connections.
|
| services.pgbackrest.stanzas.<name>.settings | An attribute set of options as described in:
https://pgbackrest.org/configuration.html
All options can be used
|
| services.scrutiny.collector.settings.api.endpoint | Scrutiny app API endpoint for sending metrics to.
|
| services.stash.settings.preview_audio | Include audio stream in previews
|
| services.headscale.settings.database.postgres.port | Database host port.
|
| services.headscale.settings.database.postgres.host | Database host address.
|
| services.sourcehut.settings."builds.sr.ht::worker".bind-address | HTTP bind address for serving local build information/monitoring.
|
| services.firewalld.settings.NftablesCounters | Whether to add a counter to every nftables rule.
|
| services.pid-fan-controller.settings.heatSources.*.pidParams.D | K_d of PID controller.
|
| services.pid-fan-controller.settings.heatSources.*.pidParams.P | K_p of PID controller.
|
| services.pid-fan-controller.settings.heatSources.*.pidParams.I | K_i of PID controller.
|
| services.suricata.settings.vars.address-groups.EXTERNAL_NET | EXTERNAL_NET variable.
|
| services.grafana.settings.database.password | The database user's password (not applicable for sqlite3)
|
| services.wastebin.settings.WASTEBIN_DATABASE_PATH | Path to the sqlite3 database file
|
| services.crowdsec.settings.capi.credentialsFile | The CAPI credential file to use.
|
| services.crowdsec.settings.lapi.credentialsFile | The LAPI credential file to use.
|
| services.grafana.settings.smtp.from_address | Address used when sending out emails.
|
| hardware.bluetooth.settings | Set configuration for system-wide bluetooth (/etc/bluetooth/main.conf)
|
| services.dependency-track.settings."alpine.oidc.client.id" | Defines the client ID to be used for OpenID Connect
|
| services.tlsrpt.reportd.settings.http_script | Call to an HTTPS client, that accepts the URL on the commandline and the request body from stdin.
|
| services.sourcehut.settings."builds.sr.ht".migrate-on-upgrade | Whether to enable automatic migrations on package upgrade.
|
| services.sourcehut.settings."meta.sr.ht::billing".stripe-public-key | Public key for Stripe
|
| services.suwayomi-server.settings.server.systemTrayEnabled | Whether to enable a system tray icon, if possible.
|
| services.tor.settings.ClientRejectInternalAddresses | See torrc manual.
|
| services.sourcehut.settings."pages.sr.ht::api".internal-ipnet | Set of IP subnets which are permitted to utilize internal API
authentication
|
| services.wstunnel.clients.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.wstunnel.servers.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.sabnzbd.settings.misc.email_server | SMTP server for email alerts (server:host)
|
| services.sabnzbd.settings.misc.enable_https | Whether to enable HTTPS for the web UI
|
| services.bonsaid.settings.*.transitions | List of transitions out of this state
|
| services.crowdsec-firewall-bouncer.settings.api_url | URL of the local API.
|
| services.kanidm.serverSettings.origin | The origin of your Kanidm instance
|
| security.auditd.plugins.<name>.settings | Plugin-specific config file to link to /etc/audit/.conf
|
| services.transmission.settings.umask | Sets transmission's file mode creation mask
|
| security.agnos.settings.accounts.*.email | Email associated with this account.
|
| services.suricata.settings.logging.outputs.file.filename | Filename of the logfile.
|
| services.lemmy.database.createLocally | Whether to enable creation of database on the instance.
|
| services.suwayomi-server.settings.server.basicAuthUsername | The username value that you have to provide when authenticating.
|
| services.healthchecks.settings.SECRET_KEY_FILE | Path to a file containing the secret key.
|
| services.suricata.settings.pcap-file.checksum-checks | Possible values are:
- yes: checksum validation is forced
- no: checksum validation is disabled
- auto: Suricata uses a statistical approach to detect when
checksum off-loading is used. (default)
Warning: 'checksum-validation' must be set to yes to have checksum tested.
|
| services.wstunnel.servers.<name>.settings.restrict-to | Restrictions on the connections that the server will accept
|
| services.mysql.replication.role | Role of the MySQL server instance.
|
| services.suwayomi-server.settings.server.basicAuthEnabled | Whether to enable basic access authentication for Suwayomi-Server
|
| services.ferretdb.settings.FERRETDB_TELEMETRY | Enable or disable basic telemetry
|
| services.transmission.settings.utp-enabled | Whether to enable Micro Transport Protocol (µTP).
|
| services.stash.settings.calculate_md5 | Whether to calculate MD5 checksums for scene video files
|
| services.maubot.settings.server.ui_base_path | The base path for the UI.
|
| services.tor.settings.DoSRefuseSingleHopClientRendezvous | See torrc manual.
|
| programs.openvpn3.netcfg.settings | Options stored in /etc/openvpn3/netcfg.json configuration file
|
| services.grafana.settings.database.cache_mode | For sqlite3 only.
Shared cache setting used for connecting to the database.
|
| services.nextcloud-spreed-signaling.settings.mcu.type | The type of MCU to use
|
| services.syncthing.settings.folders.<name>.devices | The devices this folder should be shared with
|
| services.reposilite.settings.defaultFrontend | Whether to enable the default included frontend with a dashboard.
|
| services.matrix-synapse.settings.database.args.database | Name of the database when using the psycopg2 backend,
path to the database location when using sqlite3.
|
| services.nvme-rs.settings.email.smtp_username | SMTP username
|
| services.crab-hole.settings.blocklist.allow_list | List of allowlists
|
| services.taler.exchange.settings.exchange.MASTER_PUBLIC_KEY | Used by the exchange to verify information signed by the offline system.
|
| services.angrr.settings.temporary-root-policies.<name>.ignore-prefixes | List of path prefixes to ignore
|
| services.grafana.provision.alerting.rules.settings | Grafana rules configuration in Nix
|