| services.nvme-rs.settings.thresholds.temp_warning | Temperature warning threshold (°C)
|
| services.listmonk.database.settings."privacy.exportable" | List of fields which can be exported through an automatic export request
|
| services.slskd.settings.retention.transfers.download.succeeded | Lifespan of succeeded download tasks.
|
| services.slskd.settings.retention.transfers.download.cancelled | Lifespan of cancelled download tasks.
|
| services.homebridge.settings.platforms.*.platform | Platform type
|
| services.sabnzbd.settings.servers.<name>.expire_date | If Notifications are enabled and an expiry date is
set, warn 5 days before expiry
|
| services.headscale.settings.dns.extra_records | Extra DNS records to expose to clients.
|
| services.sabnzbd.settings.ntfosd.ntfosd_enable | Whether to enable NotifyOSD alerts
|
| services.epgstation.settings.concurrentEncodeNum | The maximum number of encoding jobs that EPGStation would run at the
same time.
|
| services.matrix-appservice-discord.settings | config.yaml configuration as a Nix attribute set
|
| services.your_spotify.settings.API_ENDPOINT | The endpoint of your server
This api has to be reachable from the device you use the website from not from the server
|
| services.dependency-track.settings."alpine.database.username" | Specifies the username to use when authenticating to the database.
|
| services.consul-template.instances.<name>.settings.pid_file | Path to use for the pid file.
|
| services.opensearch.settings."plugins.security.disabled" | Whether to enable the security plugin,
plugins.security.ssl.transport.keystore_filepath or
plugins.security.ssl.transport.server.pemcert_filepath and
plugins.security.ssl.transport.client.pemcert_filepath
must be set for this plugin to be enabled.
|
| services.grafana.provision.datasources.settings.apiVersion | Config file version.
|
| services.borgmatic.settings.repositories.*.path | Path to the repository
|
| services.minidlna.settings.friendly_name | Name that the server presents to clients.
|
| virtualisation.xen.store.settings.ringScanInterval | Perodic scanning for all the rings as a safenet for lazy clients
|
| services.postfix-tlspol.settings.server.socket-permissions | Permissions to the UNIX socket, if configured.
Due to hardening on the systemd unit the socket can never be created world readable/writable.
|
| services.vmalert.instances.<name>.settings."datasource.url" | Datasource compatible with Prometheus HTTP API.
|
| services.warpgate.settings.sso_providers | Configure OIDC single sign-on providers.
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceAllowUnknownPorts | See torrc manual.
|
| services.angrr.settings.temporary-root-policies.<name>.ignore-prefixes-in-home | Path prefixes to ignore under home directory
|
| services.journald.upload.settings.Upload.ServerCertificateFile | SSL CA certificate in PEM format
|
| services.prowlarr.settings.update.automatically | Automatically download and install updates.
|
| services.whisparr.settings.update.automatically | Automatically download and install updates.
|
| services.matrix-continuwuity.settings.global.address | Addresses (IPv4 or IPv6) to listen on for connections by the reverse proxy/tls terminator
|
| services.grafana.provision.alerting.policies.settings.resetPolicies | List of orgIds that should be reset to the default policy.
|
| services.prometheus.exporters.script.settings.scripts.*.timeout | Optional timeout for the script in seconds.
|
| services.headscale.settings.oidc.allowed_users | Users allowed to authenticate even if not in allowedDomains.
|
| services.nextcloud.settings.enabledPreviewProviders | The preview providers that should be explicitly enabled.
|
| services.easytier.instances.<name>.settings.listeners | Listener addresses to accept connections from other peers
|
| services.sabnzbd.settings.misc.bandwidth_perc | Percentage of bandwidth_max that sabnzbd is allowed to use.
0 means no limit.
|
| services.evdevremapkeys.settings | config.yaml for evdevremapkeys
|
| services.syncthing.settings.folders.<name>.versioning | How to keep changed/deleted files with Syncthing
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceDirGroupReadable | See torrc manual.
|
| services.consul-template.instances.<name>.settings.template | Template section of consul-template
|
| services.kerberos_server.settings | Settings for the kerberos server of choice
|
| services.nextcloud-spreed-signaling.settings.backend.timeout | Timeout in seconds for requests to the backend
|
| services.matrix-appservice-irc.settings.homeserver.domain | The 'domain' part for user IDs on this home server
|
| services.public-inbox.settings.publicinbox.imapserver | IMAP URLs to this public-inbox instance
|
| services.public-inbox.settings.publicinbox.pop3server | POP3 URLs to this public-inbox instance
|
| services.public-inbox.settings.publicinbox.nntpserver | NNTP URLs to this public-inbox instance
|
| services.hercules-ci-agent.settings.staticSecretsDirectory | This is the default directory to look for statically configured secrets like cluster-join-token.key
|
| services.grafana.provision.dashboards.settings.providers | List of dashboards to insert/update.
|
| services.kanidm.server.settings.online_backup.schedule | The schedule for backups in cron format.
|
| virtualisation.docker.daemon.settings.live-restore | Allow dockerd to be restarted without affecting running container
|
| services.firezone.server.settingsSecret.RELEASE_COOKIE | A file containing a unique secret identifier for the Erlang
cluster
|
| services.journald.remote.settings.Remote.ServerCertificateFile | A path to a SSL certificate file in PEM format
|
| services.warpgate.settings.external_host | Configure the domain name of this Warpgate instance
|
| services.firewalld.settings.IPv6_rpfilter | Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704
|
| services.your_spotify.settings.CLIENT_ENDPOINT | The endpoint of your web application
|
| services.prometheus.exporters.fritz.settings.devices.*.hostname | Hostname under which the target device is reachable.
|
| services.prometheus.exporters.fritz.settings.devices.*.username | Username to authenticate with the target device.
|
| services.headscale.settings.dns.extra_records.*.name | DNS record name.
|
| services.headscale.settings.dns.extra_records.*.type | DNS record type.
|
| services.nextcloud-spreed-signaling.settings.etcd.endpoints | List of static etcd endpoints to connect to.
|
| services.lasuite-docs.collaborationServer.settings.PORT | Port used by collaboration server to listen to
|
| services.pid-fan-controller.settings.heatSources.*.wildcardPath | Path of the heat source's hwmon temp_input file
|
| services.borgmatic.settings.repositories.*.label | Label to the repository
|
| services.tor.settings.CookieAuthentication | See torrc manual.
|
| services.gitea.settings.service.DISABLE_REGISTRATION | By default any user can create an account on this gitea instance
|
| services.public-inbox.settings.publicinbox.wwwlisting | Controls which lists (if any) are listed for when the root
public-inbox URL is accessed over HTTP.
|
| services.grafana.provision.alerting.contactPoints.settings.contactPoints | List of contact points to import or update.
|
| services.immichframe.settings.Accounts.*.ImmichServerUrl | The URL of your Immich server.
|
| services.navidrome.settings.EnableInsightsCollector | Enable anonymous usage data collection, see https://www.navidrome.org/docs/getting-started/insights/ for details.
|
| virtualisation.docker.rootless.daemon.settings | Configuration for docker daemon
|
| services.journald.upload.settings.Upload.TrustedCertificateFile | SSL CA certificate
|
| services.prometheus.exporters.process.settings.process_names | All settings expressed as an Nix attrset
|
| networking.networkmanager.settings | Configuration added to the generated NetworkManager.conf, note that you can overwrite settings with this
|
| services.nipap.settings.auth.default_backend | Name of auth backend to use by default.
|
| virtualisation.xen.store.settings.persistent | Whether to activate the filed base backend.
|
| programs.captive-browser.browser | The shell (/bin/sh) command executed once the proxy starts
|
| services.kanidm.server.settings.online_backup.versions | Number of backups to keep
|
| services.autosuspend.settings.wakeup_cmd | The command to execute for scheduling a wake up of the system
|
| services.angrr.settings.temporary-root-policies.<name>.priority | Priority of this policy
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.argument | An argument whose meaning depends on the type of operation
|
| services.matrix-synapse.settings.listeners.*.resources.*.names | List of resources to host on this listener.
|
| services.warpgate.settings.sso_providers.*.name | Internal identifier of SSO provider.
|
| services.authelia.instances.<name>.settings.log.keep_stdout | Whether to also log to stdout when a file_path is defined.
|
| services.pgbouncer.settings.pgbouncer.listen_port | Which port to listen on
|
| virtualisation.xen.store.settings.conflict.burstLimit | Limits applied to domains whose writes cause other domains' transaction
commits to fail
|
| services.sabnzbd.settings.misc.inet_exposure | Restrictions for access from non-local IP addresses
|
| services.crowdsec.settings.console.configuration | Attributes inside the console.yaml file.
|
| services.warpgate.settings.http.cookie_max_age | How long until logged in cookie expires.
|
| services.armagetronad.servers.<name>.settings | Armagetron Advanced server rules configuration
|
| services.firezone.server.settingsSecret.LIVE_VIEW_SIGNING_SALT | A file containing a unique base64 encoded secret for the
LIVE_VIEW_SIGNING_SALT
|
| services.grafana.settings.database.max_open_conn | The maximum number of open connections to the database.
|
| services.mpd.settings.bind_to_address | The address for the daemon to listen on
|
| services.grafana.provision.dashboards.settings.providers.*.name | A unique provider name.
|
| services.grafana.provision.dashboards.settings.providers.*.type | Dashboard provider type.
|
| services.grafana.settings.security.cookie_secure | Set to true if you host Grafana behind HTTPS.
|
| services.grafana.settings.database.max_idle_conn | The maximum number of connections in the idle connection pool.
|
| services.chhoto-url.settings.hash_algorithm | The hash algorithm to use for passwords and API keys
|
| services.tlsrpt.reportd.settings.sender_address | Sender address used for reports.
|
| services.headscale.settings.dns.extra_records.*.value | DNS record value (IP address).
|
| services.grafana.provision.alerting.templates.settings.templates | List of templates to import or update.
|
| services.authelia.instances.<name>.settings.telemetry.metrics.enabled | Enable Metrics.
|
| services.hercules-ci-agent.settings.concurrentTasks | Number of tasks to perform simultaneously
|
| services.taler.merchant.settings.merchant.LEGAL_PRESERVATION | How long to keep data in the database for tax audits after the transaction has completed.
|