| services.agorakit.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.fediwall.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.gancio.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.kanboard.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.dolibarr.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.librenms.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.mainsail.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.pixelfed.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.wstunnel.clients.<name>.httpProxy | Proxy to use to connect to the wstunnel server (USER:PASS@HOST:PORT).
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the environmentFile option
to a file containing PROXY_PASSWORD=<your-password-here> and set
this option to <user>:$PROXY_PASSWORD@<host>:<port>
|
| services.frigate.settings.cameras.<name>.ffmpeg.inputs | List of inputs for this camera.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.index | Adds index directive.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.alias | Alias directory for requests.
|
| services.wordpress.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| containers.<name>.config | A specification of the desired configuration of this
container, as a NixOS module.
|
| containers.<name>.autoStart | Whether the container is automatically started at boot-time.
|
| services.nsd.zones.<name>.outgoingInterface | This address will be used for zone-transfer requests if configured
as a secondary server or notifications in case of a primary server
|
| services.wordpress.sites.<name>.virtualHost.http2 | Whether to enable HTTP 2
|
| hardware.display.outputs.<name>.edid | An EDID filename to be used for configured display, as in edid/<filename>
|
| ec2.zfs.datasets.<name>.properties | Properties to set on this dataset.
|
| services.autosuspend.checks.<name>.enabled | Whether to enable this activity check.
|
| services.keepalived.vrrpScripts.<name>.timeout | Seconds after which script is considered to have failed.
|
| services.firewalld.zones.<name>.masquerade | Whether to enable masquerading in the zone.
|
| services.snapper.configs.<name>.TIMELINE_CLEANUP | Defines whether the timeline cleanup algorithm should be run for the config.
|
| services.anuko-time-tracker.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.fcgiwrap.instances.<name>.process.group | Group as which this instance of fcgiwrap will be run.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_HOURLY | Limits for timeline cleanup.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_YEARLY | Limits for timeline cleanup.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_WEEKLY | Limits for timeline cleanup.
|
| services.mosquitto.bridges.<name>.addresses | Remote endpoints for the bridge.
|
| services.simplesamlphp.<name>.libDir | Path to the SimpleSAMLphp library directory.
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.containerPort | Target port of container
|
| security.acme.certs.<name>.dnsProvider | DNS Challenge provider
|
| services.consul-template.instances.<name>.enable | Whether to enable this consul-template instance.
|
| services.xserver.xkb.extraLayouts.<name>.languages | A list of languages provided by the layout.
(Use ISO 639-2 codes, for example: "eng" for english)
|
| services.rke2.autoDeployCharts.<name>.targetNamespace | The namespace in which the Helm chart gets installed.
|
| services.rke2.autoDeployCharts.<name>.createNamespace | Whether to create the target namespace if not present.
|
| services.fedimintd.<name>.nginx.config.locations | Declarative location config
|
| services.jirafeau.nginxConfig.locations.<name>.alias | Alias directory for requests.
|
| services.jirafeau.nginxConfig.locations.<name>.index | Adds index directive.
|
| hardware.sane.brscan5.netDevices.<name>.ip | The ip address of the device
|
| hardware.sane.brscan4.netDevices.<name>.ip | The ip address of the device
|
| services.neo4j.ssl.policies.<name>.trustedDir | Path to directory of X.509 certificates in PEM format for
trusted parties
|
| services.gitlab-runner.services.<name>.dockerAllowedImages | Whitelist allowed images.
|
| services.pgbackrest.repos.<name>.sftp-private-key-file | SFTP private key file
|
| services.zabbixWeb.httpd.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.zabbixWeb.httpd.virtualHost.locations.<name>.alias | Alias directory for requests
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.values | A set of columns that will be used as values of this metric.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.labels | A set of columns that will be used as Prometheus labels.
|
| networking.greTunnels.<name>.type | Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic.
|
| environment.etc.<name>.enable | Whether this /etc file should be generated
|
| services.fedimintd.<name>.bitcoin.rpc.secretFile | If set the URL specified in bitcoin.rpc.url will get the content of this file added
as an URL password, so http://user@example.com will turn into http://user:SOMESECRET@example.com
|
| services.wyoming.faster-whisper.servers.<name>.device | Determines the platform faster-whisper is run on
|
| services.snapserver.streams.<name>.sampleFormat | Default sample format.
|
| services.v4l2-relayd.instances.<name>.extraPackages | Extra packages to add to GST_PLUGIN_PATH for the instance.
|
| security.auditd.plugins.<name>.type | This tells the dispatcher how the plugin wants to be run
|
| services.fedimintd.<name>.nginx.config.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.gitlab-runner.services.<name>.protected | When set to true Runner will only run on pipelines
triggered on protected branches
|
| services.stargazer.certOrg | The name of the organization responsible for the X.509
certificate's /O name.
|
| programs.neovim.runtime.<name>.enable | Whether this runtime directory should be generated
|
| services.firewalld.zones.<name>.sourcePorts.*.protocol | |
| boot.loader.grub.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the account
|
| services.nebula.networks.<name>.lighthouse.dns.port | UDP port number for lighthouse DNS server.
|
| services.httpd.virtualHosts.<name>.listenAddresses | Listen addresses for this virtual host
|
| services.fcgiwrap.instances.<name>.process.user | User as which this instance of fcgiwrap will be run
|
| services.armagetronad.servers.<name>.dns | DNS address to use for this server
|
| services.invoiceplane.sites.<name>.enable | Whether to enable InvoicePlane web application.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.tryFiles | Adds try_files directive.
|
| services.stash.username | Username for login.
|
| services.cgit.<name>.gitHttpBackend.checkExportOkFiles | Whether git-http-backend should only export repositories that contain a git-daemon-export-ok file
|
| containers.<name>.path | As an alternative to specifying
config, you can specify the path to
the evaluated NixOS system configuration, typically a
symlink to a system profile.
|
| networking.interfaces.<name>.useDHCP | Whether this interface should be configured with DHCP
|
| services.davis.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.slskd.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.movim.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.strongswan-swanctl.swanctl.connections.<name>.children | CHILD_SA configuration sub-section
|
| services.radicle.httpd.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.woodpecker-agents.agents.<name>.package | The woodpecker-agent package to use.
|
| networking.greTunnels.<name>.local | The address of the local endpoint which the remote
side should send packets to.
|
| services.wordpress.sites.<name>.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.fedimintd.<name>.nginx.config.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.kmonad.keyboards.<name>.extraGroups | Extra permission groups to attach to the KMonad instance for
this keyboard
|
| services.dolibarr.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.librenms.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.kanboard.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.fediwall.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.bookstack.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.agorakit.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.mainsail.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.pixelfed.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.wordpress.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.printing.cups-pdf.instances.<name>.confFileText | This will contain the contents of cups-pdf.conf for this instance, derived from settings
|
| services.borgbackup.jobs.<name>.failOnWarnings | Fail the whole backup job if any borg command returns a warning
(exit code 1), for example because a file changed during backup.
|
| services.wordpress.sites.<name>.virtualHost.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.copy_df | Whether to copy the DF bit to the outer IPv4 header in tunnel mode
|
| services.gitea-actions-runner.instances.<name>.enable | Whether to enable Gitea Actions Runner instance.
|
| services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|