| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.target | Address to forward connections to (can be HOST:PORT or unix:PATH).
|
| services.prometheus.exporters.tailscale.listenAddress | Address to listen on.
|
| services.prometheus.exporters.junos-czerwonk.listenAddress | Address to listen on.
|
| services.prometheus.exporters.rasdaemon.listenAddress | Address to listen on.
|
| services.prometheus.exporters.nextcloud.listenAddress | Address to listen on.
|
| services.prometheus.exporters.smokeping.listenAddress | Address to listen on.
|
| services.prometheus.exporters.borgmatic.listenAddress | Address to listen on.
|
| services.prometheus.exporters.surfboard.listenAddress | Address to listen on.
|
| services.prometheus.exporters.pgbouncer.listenAddress | Address to listen on.
|
| services.prometheus.exporters.wireguard.listenAddress | Address to listen on.
|
| services.prometheus.exporters.ecoflow.ecoflowAccessKeyFile | Path to the file with your personal api access string from the Ecoflow development website https://developer-eu.ecoflow.com
|
| services.prometheus.exporters.ecoflow.ecoflowSecretKeyFile | Path to the file with your personal api secret string from the Ecoflow development website https://developer-eu.ecoflow.com
|
| services.nextcloud.settings.mail_smtphost | This depends on mail_smtpmode
|
| services.prometheus.exporters.mail.environmentFile | File containing env-vars to be substituted into the exporter's config.
|
| services.kanidm.server.settings.ldapbindaddress | Address and port the LDAP server is bound to
|
| services.restic.server.listenAddress | Listen on a specific IP address and port or unix socket.
|
| hardware.keyboard.qmk.keychronSupport | Whether to enable udev rules for keychron QMK based keyboards.
|
| services.freeciv.openFirewall | Whether to enable opening the firewall for the port listening for clients.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rand_packets | Packet range from which to choose a random value to subtract from
rekey_packets
|
| services.bitwarden-directory-connector-cli.sync.largeImport | Enable if you are syncing more than 2000 users/groups.
|
| services.prometheus.exporters.rasdaemon.databasePath | Path to the RAS daemon machine check event database.
|
| services.prometheus.exporters.frr.enabledCollectors | Collectors to enable
|
| services.prometheus.exporters.blackbox.enableConfigCheck | Whether to run a correctness check for the configuration file
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.port | The port to scrape metrics from, when role is nodes, and for discovered
tasks and services that don't have published ports
|
| services.ntopng.enable | Enable ntopng, a high-speed web-based traffic analysis and flow
collection tool
|
| services.prometheus.exporters.collectd.collectdBinary.enable | Whether to enable collectd binary protocol receiver.
|
| services.tor.torsocks.fasterServer | IP/Port of the Tor SOCKS server for torsocks-faster wrapper suitable for HTTP
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.cacert | Path to CA bundle file (PEM/X509)
|
| services.etesync-dav.openFirewall | Whether to open the firewall for the specified port.
|
| services.prometheus.exporters.artifactory.enable | Whether to enable the prometheus artifactory exporter.
|
| services.netbird.server.signal.metricsPort | Internal port of the metrics server.
|
| services.prometheus.exporters.imap-mailstat.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.imap-mailstat.openFirewall is true.
|
| services.prometheus.exporters.buildkite-agent.interval | How often to update metrics.
|
| services.prometheus.exporters.mqtt.environmentFile | File to load as environment file
|
| services.prometheus.exporters.py-air-control.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.py-air-control.openFirewall
is true
|
| services.prometheus.exporters.nextcloud.passwordFile | File containing the password for connecting to Nextcloud
|
| services.jirafeau.nginxConfig.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| services.prometheus.exporters.buildkite-agent.endpoint | The Buildkite Agent API endpoint.
|
| services.prometheus.exporters.pve.collectors.resources | Collect PVE resources info
|
| services.esphome.enableUnixSocket | Listen on a unix socket /run/esphome/esphome.sock instead of the TCP port.
|
| programs.hyprland.portalPackage | The xdg-desktop-portal-hyprland package to use
|
| services.orangefs.server.servers | URLs for storage server including port
|
| services.dnsdist.dnscrypt.listenPort | Listen port of the endpoint
|
| services.immich-kiosk.openFirewall | Whether to open the firewall for the immich-kiosk port.
|
| services.udp-over-tcp.tcp2udp.<name>.forward | The IP and port to forward all traffic to.
|
| services.udp-over-tcp.udp2tcp.<name>.forward | The IP and port to forward all traffic to.
|
| services.prometheus.exporters.dnsmasq.dnsmasqListenAddress | Address on which dnsmasq listens.
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.package | Package to use for ghostunnel
|
| services.prometheus.exporters.node.enabledCollectors | Collectors to enable
|
| services.prometheus.exporters.artifactory.scrapeUri | URI on which to scrape JFrog Artifactory.
|
| services.znc.config | Configuration for ZNC, see
https://wiki.znc.in/Configuration for details
|
| services.prometheus.exporters.rtl_433.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rtl_433.openFirewall is true.
|
| services.openssh.listenAddresses | List of addresses and ports to listen on (ListenAddress directive
in config)
|
| services.anki-sync-server.openFirewall | Whether to open the firewall for the specified port.
|
| services.prometheus.exporters.kafka.environmentFile | File containing the credentials to access the repository, in the
format of an EnvironmentFile as described by systemd.exec(5)
|
| services.prometheus.exporters.nginxlog.metricsEndpoint | Path under which to expose metrics.
|
| services.prometheus.exporters.mailman3.listenAddress | Address to listen on.
|
| services.public-inbox.openFirewall | Whether to enable opening the firewall when using a port option.
|
| services.prometheus.exporters.graphite.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.graphite.openFirewall
is true
|
| services.prometheus.exporters.postgres.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.postgres.openFirewall
is true
|
| services.prometheus.exporters.smartctl.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.smartctl.openFirewall
is true
|
| services.prometheus.exporters.opnsense.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.opnsense.openFirewall
is true
|
| services.prometheus.exporters.influxdb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.influxdb.openFirewall
is true
|
| services.prometheus.exporters.unpoller.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.unpoller.openFirewall
is true
|
| services.prometheus.exporters.keylight.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.keylight.openFirewall
is true
|
| services.prometheus.exporters.nginxlog.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nginxlog.openFirewall
is true
|
| services.prometheus.exporters.collectd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.collectd.openFirewall
is true
|
| services.prometheus.exporters.mikrotik.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mikrotik.openFirewall
is true
|
| services.prometheus.exporters.fritzbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fritzbox.openFirewall
is true
|
| services.prometheus.exporters.blackbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.blackbox.openFirewall
is true
|
| services.prometheus.exporters.surfboard.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.surfboard.openFirewall is true.
|
| services.prometheus.exporters.pgbouncer.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pgbouncer.openFirewall is true.
|
| services.prometheus.exporters.smokeping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.smokeping.openFirewall is true.
|
| services.prometheus.exporters.borgmatic.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.borgmatic.openFirewall is true.
|
| services.prometheus.exporters.wireguard.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.wireguard.openFirewall is true.
|
| services.prometheus.exporters.nextcloud.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nextcloud.openFirewall is true.
|
| services.prometheus.exporters.tailscale.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tailscale.openFirewall is true.
|
| services.prometheus.exporters.rasdaemon.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rasdaemon.openFirewall is true.
|
| services.prometheus.exporters.dovecot.socketPath | Path under which the stats socket is placed
|
| services.prometheus.exporters.junos-czerwonk.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.junos-czerwonk.openFirewall is true.
|
| services.prometheus.exporters.modemmanager.user | User name under which the modemmanager exporter shall be run.
|
| services.prometheus.exporters.artifactory.extraFlags | Extra commandline options to pass to the artifactory exporter.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPskFile | Sets the password(s) for WPA-PSK
|
| services.prometheus.exporters.frr.disabledCollectors | Collectors to disable which are enabled by default.
|
| services.keycloak.settings.hostname-backchannel-dynamic | Enables dynamic resolving of backchannel URLs,
including hostname, scheme, port and context path
|
| services.prometheus.exporters.graphite.mappingSettings | Mapping configuration for the exporter, see
https://github.com/prometheus/graphite_exporter#yaml-config for
available options.
|
| services.prometheus.exporters.pve.environmentFile | Path to the service's environment file
|
| services.tigerbeetle.addresses | The addresses of all replicas in the cluster
|
| services.prometheus.exporters.smokeping.telemetryPath | Path under which to expose metrics.
|
| services.prometheus.exporters.junos-czerwonk.telemetryPath | Path under which to expose metrics.
|
| services.prometheus.exporters.pgbouncer.telemetryPath | Path under which to expose metrics.
|
| services.plantuml-server.listenPort | Port to listen on.
|
| services.strongswan-swanctl.swanctl.connections.<name>.proposals | A proposal is a set of algorithms
|
| services.prometheus.exporters.buildkite-agent.listenAddress | Address to listen on.
|
| services.prometheus.exporters.unpoller.log.prometheusErrors | Whether to enable emitting errors to prometheus.
|
| services.fedimintd.<name>.nginx.path | Path to host the API on and forward to the daemon's api port
|
| services.prometheus.exporters.fastly.environmentFile | An environment file containg at least the FASTLY_API_TOKEN= environment
variable.
|
| networking.nat.forwardPorts.*.sourcePort | Source port of the external interface; to specify a port range, use a string with a colon (e.g. "60000:61000")
|
| services.quicktun.<name>.localPort | Local UDP port.
|
| services.zabbixWeb.nginx.virtualHost.http2 | Whether to enable the HTTP/2 protocol
|