| services.fedimintd.<name>.nginx.config.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.syncthing.settings.folders.<name>.enable | Whether to share this folder
|
| services.inadyn.settings.provider.<name>.password | Password for this DDNS provider
|
| systemd.user.slices.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| systemd.user.timers.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.firewalld.zones.<name>.icmpBlockInversion | Whether to invert the icmp block handling
|
| services.blockbook-frontend.<name>.rpc.password | RPC password for JSON-RPC connections
|
| services.bookstack.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.jitsi-videobridge.xmppConfigs.<name>.userName | User part of the JID.
|
| services.networkd-dispatcher.rules.<name>.onState | List of names of the systemd-networkd operational states which
should trigger the script
|
| systemd.user.timers.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.user.slices.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| services.nginx.virtualHosts.<name>.sslCertificateKey | Path to server SSL certificate key.
|
| security.wrappers.<name>.setgid | Whether to add the setgid bit the wrapper program.
|
| security.wrappers.<name>.setuid | Whether to add the setuid bit the wrapper program.
|
| services.fedimintd.<name>.nginx.config.redirectCode | HTTP status used by globalRedirect and forceSSL
|
| services.postfix.settings.master.<name>.privileged | |
| services.invoiceplane.sites.<name>.cron.enable | Enable cron service which periodically runs Invoiceplane tasks
|
| systemd.user.units.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| systemd.user.paths.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| systemd.user.paths.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.restic.backups.<name>.environmentFile | file containing the credentials to access the repository, in the
format of an EnvironmentFile as described by systemd.exec(5)
|
| services.firewalld.zones.<name>.description | Description for the zone.
|
| services.nebula.networks.<name>.lighthouse.dns.host | IP address on which nebula lighthouse should serve DNS.
'localhost' is a good default to ensure the service does not listen on public interfaces;
use a Nebula address like 10.0.0.5 to make DNS resolution available to nebula hosts only.
|
| services.ghostunnel.servers.<name>.unsafeTarget | If set, does not limit target to localhost, 127.0.0.1, [::1], or UNIX sockets
|
| services.angrr.settings.profile-policies.<name>.keep-latest-n | Keep the latest N GC roots in this profile.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.priority | Optional fixed priority for IPsec policies
|
| services.fediwall.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.dolibarr.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.agorakit.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.kanboard.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.librenms.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.mainsail.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.pixelfed.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.jirafeau.nginxConfig.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| boot.initrd.luks.devices.<name>.gpgCard.gracePeriod | Time in seconds to wait for the GPG Smartcard.
|
| services.gitlab-runner.services.<name>.dockerPrivileged | Give extended privileges to container.
|
| services.jitsi-videobridge.xmppConfigs.<name>.mucJids | JID of the MUC to join
|
| environment.etc.<name>.mode | If set to something else than symlink,
the file is copied instead of symlinked, with the given
file mode.
|
| systemd.paths.<name>.requisite | Similar to requires
|
| services.jibri.xmppEnvironments.<name>.xmppDomain | The base XMPP domain.
|
| services.h2o.hosts.<name>.tls.identity.*.certificate-file | Path to certificate file
|
| users.mysql.pam.userColumn | The name of the column that contains a unix login name.
|
| systemd.user.services.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| openstack.zfs.datasets.<name>.mount | Where to mount this dataset.
|
| services.gitlab-runner.services.<name>.dockerAllowedServices | Whitelist allowed services.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children | CHILD_SA configuration sub-section
|
| services.netbird.clients.<name>.openInternalFirewall | Opens up internal firewall ports for the NetBird's network interface.
|
| services.netbird.tunnels.<name>.openInternalFirewall | Opens up internal firewall ports for the NetBird's network interface.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.remote_ts | List of remote selectors to include in CHILD_SA
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rand_time | Time range from which to choose a random value to subtract from
rekey_time
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.hostPort | Source port of the external interface on host
|
| services.blockbook-frontend.<name>.templateDir | Location of the HTML templates
|
| security.acme.certs.<name>.extraLegoRenewFlags | Additional flags to pass to lego renew.
|
| systemd.network.networks.<name>.DHCP | Whether to enable DHCP on the interfaces matched.
|
| services.invoiceplane.sites.<name>.poolConfig | Options for the InvoicePlane PHP pool
|
| networking.fooOverUDP.<name>.local.address | Local address to bind to
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.zabbixWeb.httpd.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.dovecot2.mailPlugins.perProtocol.<name>.enable | mail plugins to enable as a list of strings to append to the corresponding per-protocol $mail_plugins configuration variable
|
| services.authelia.instances.<name>.secrets.jwtSecretFile | Path to your JWT secret used during identity verificaton.
|
| services.wordpress.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| boot.initrd.luks.devices.<name>.keyFileTimeout | The amount of time in seconds for a keyFile to appear before
timing out and trying passwords.
|
| services.wordpress.sites.<name>.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.wordpress.sites.<name>.virtualHost.robotsEntries | Specification of pages to be ignored by web crawlers
|
| services.hostapd.radios.<name>.dynamicConfigScripts | All of these scripts will be executed in lexicographical order before hostapd
is started, right after the global segment was generated and may dynamically
append global options the generated configuration file
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates.*.name | Name of the template, must be unique
|
| services.github-runners.<name>.serviceOverrides | Modify the systemd service
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.mac | If this attribute is not included, or if is set to the wildcard address (ff:ff:ff:ff:ff:ff),
the entry is available for any station (client) to use
|
| services.borgbackup.jobs.<name>.removableDevice | Whether the repo (which must be local) is a removable device.
|
| services.influxdb2.provision.users.<name>.present | Whether to ensure that this user is present or absent.
|
| services.nextcloud-spreed-signaling.backends.<name>.secretFile | The path to the file containing the value for backends.<name>.secret
|
| services.outline.smtp.username | Username to authenticate with.
|
| services.blockbook-frontend.<name>.rpc.passwordFile | File containing password of the RPC user
|
| services.wordpress.sites.<name>.database.createLocally | Create the database and database user locally.
|
| services.kanidm.provision.systems.oauth2.<name>.imageFile | Application image to display in the WebUI
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.pk | If this attribute is given, SAE-PK will be enabled for this connection
|
| security.auditd.plugins.<name>.args | This allows you to pass arguments to the child program
|
| services.armagetronad.servers.<name>.enable | Whether to enable armagetronad.
|
| boot.initrd.luks.devices.<name>.keyFileSize | The size of the key file
|
| systemd.services.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.hostapd.radios.<name>.wifi6.multiUserBeamformer | HE multi user beamformee support
|
| services.beesd.filesystems.<name>.verbosity | Log verbosity (syslog keyword/level).
|
| services.tarsnap.archives.<name>.explicitSymlinks | Whether to follow symlinks specified as archives.
|
| services.wordpress.sites.<name>.database.tablePrefix | The $table_prefix is the value placed in the front of your database tables
|
| services.anuko-time-tracker.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| programs.neovim.runtime.<name>.source | Path of the source file.
|
| networking.bridges.<name>.rstp | Whether the bridge interface should enable rstp.
|
| networking.greTunnels.<name>.dev | The underlying network device on which the tunnel resides.
|
| services.tailscale.serve.services.<name>.advertised | Whether the service should accept new connections
|
| services.blockbook-frontend.<name>.extraConfig | Additional configurations to be appended to coin.conf
|
| services.wordpress.sites.<name>.virtualHost.locations | Declarative location config
|
| services.prometheus.exporters.imap-mailstat.accounts.<name>.username | If empty string mailaddress value is used
|
| services.znapzend.zetup.<name>.timestampFormat | The timestamp format to use for constructing snapshot names
|
| systemd.user.slices.<name>.startLimitBurst | Configure unit start rate limiting
|
| systemd.user.timers.<name>.startLimitBurst | Configure unit start rate limiting
|
| systemd.network.links.<name>.linkConfig | Each attribute in this set specifies an option in the
[Link] section of the unit
|
| services.tailscale.serve.services.<name>.endpoints | Map of incoming traffic patterns to local targets
|
| services.ghostunnel.servers.<name>.keystore | Path to keystore (combined PEM with cert/key, or PKCS12 keystore)
|
| services.borgbackup.jobs.<name>.encryption.mode | Encryption mode to use
|