| services.prometheus.exporters.fritz.settings.log_level | Log level to use for the exporter.
|
| services.nipap.settings.auth.default_backend | Name of auth backend to use by default.
|
| virtualisation.xen.store.settings.persistent | Whether to activate the filed base backend.
|
| services.searx.faviconsSettings | Favicons settings for SearXNG.
|
| services.grafana.provision.alerting.contactPoints.settings | Grafana contact points configuration in Nix
|
| virtualisation.xen.store.settings.ringScanInterval | Perodic scanning for all the rings as a safenet for lazy clients
|
| services.nextcloud-spreed-signaling.settings.https.listen | IP and port to listen on for HTTPS requests, in the format of ip:port
|
| services.grafana.provision.alerting.rules.settings.groups.*.folder | Name of the folder the rule group will be stored in
|
| services.wgautomesh.settings.lan_discovery | Enable discovery of peers on the same LAN using UDP broadcast.
|
| services.sabnzbd.settings.ntfosd.ntfosd_enable | Whether to enable NotifyOSD alerts
|
| services.crowdsec.settings.console.configuration | Attributes inside the console.yaml file.
|
| services.warpgate.settings.http.cookie_max_age | How long until logged in cookie expires.
|
| services.matrix-synapse.settings.enable_metrics | Enable collection and rendering of performance metrics
|
| services.hddfancontrol.settings.<drive-bay-name>.pwmPaths | PWM filepath(s) to control fan speed (under /sys), followed by initial and fan-stop PWM values
Can also use command substitution to ensure the correct hwmonX is selected on every boot
|
| services.prometheus.alertmanager-ntfy.settings.http.addr | The address to listen on.
|
| services.grafana.provision.alerting.templates.settings | Grafana templates configuration in Nix
|
| services.grafana.provision.datasources.settings.prune | When true, provisioned datasources from this file will be deleted
automatically when removed from
services.grafana.provision.datasources.settings.datasources.
|
| virtualisation.docker.daemon.settings.live-restore | Allow dockerd to be restarted without affecting running container
|
| documentation.man.mandoc.settings.manpath | Override the default search path for man(1),
apropos(1), and makewhatis(8)
|
| services.autosuspend.settings.wakeup_cmd | The command to execute for scheduling a wake up of the system
|
| services.transmission.settings.incomplete-dir-enabled | |
| services.public-inbox.settings.publicinbox.wwwlisting | Controls which lists (if any) are listed for when the root
public-inbox URL is accessed over HTTP.
|
| services.transmission.settings.script-torrent-done-enabled | Whether to run
services.transmission.settings.script-torrent-done-filename
at torrent completion.
|
| services.prometheus.exporters.script.settings | Free-form configuration for script_exporter, expressed as a Nix attrset and rendered to YAML.
Migration note:
The previous format using script = "sleep 5" is no longer supported
|
| virtualisation.xen.store.settings.xenstored.log.file | Path to the Xen Store log file.
|
| services.pgbouncer.settings.pgbouncer.listen_port | Which port to listen on
|
| services.grafana-image-renderer.settings.rendering.mode | Rendering mode of grafana-image-renderer:
default: Creates on browser-instance
per rendering request.reusable: One browser instance
will be started and reused for each rendering request.clustered: allows to precisely
configure how many browser-instances are supposed to be used
|
| services.postfix-tlspol.settings.server.socket-permissions | Permissions to the UNIX socket, if configured.
Due to hardening on the systemd unit the socket can never be created world readable/writable.
|
| services.grafana.settings.database.max_open_conn | The maximum number of open connections to the database.
|
| services.tlsrpt.reportd.settings.sender_address | Sender address used for reports.
|
| services.kerberos_server.settings.include | Files to include in the Kerberos configuration.
|
| services.system76-scheduler.settings.cfsProfiles.default.latency | sched_latency_ns.
|
| services.matrix-appservice-irc.settings.homeserver.domain | The 'domain' part for user IDs on this home server
|
| services.sourcehut.settings."lists.sr.ht::worker".reject-mimetypes | Comma-delimited list of Content-Types to reject
|
| virtualisation.containers.storage.settings | storage.conf configuration
|
| services.prometheus.exporters.nginxlog.settings.consul | Consul integration options
|
| virtualisation.docker.rootless.daemon.settings | Configuration for docker daemon
|
| services.suricata.settings.dpdk.interfaces.*.interface | See upstream docs: docs/capture-hardware/dpdk and docs/configuration/suricata-yaml.html#data-plane-development-kit-dpdk.
|
| services.authelia.instances.<name>.settings.log.keep_stdout | Whether to also log to stdout when a file_path is defined.
|
| services.grafana.settings.security.cookie_secure | Set to true if you host Grafana behind HTTPS.
|
| services.grafana.settings.database.max_idle_conn | The maximum number of connections in the idle connection pool.
|
| services.slskd.settings.retention.transfers.download.errored | Lifespan of errored download tasks.
|
| documentation.man.mandoc.settings.output.man | A template for linked manuals (usually via the Xr macro) in HTML
output
|
| services.umurmur.settings.default_channel | The channel in which users will appear in when connecting.
|
| services.system76-scheduler.settings.cfsProfiles.default.preempt | Preemption mode.
|
| services.transmission.settings.script-torrent-done-filename | Executable to be run at torrent completion.
|
| services.system76-scheduler.settings.cfsProfiles.default.nr-latency | sched_nr_latency.
|
| services.matrix-synapse.settings.listeners.*.x_forwarded | Use the X-Forwarded-For (XFF) header as the client IP and not the
actual client IP.
|
| services.maubot.settings.crypto_database | Separate database URL for the crypto database
|
| services.bonsaid.settings.*.delay_duration | Nanoseconds to wait after the previous state change before performing this transition
|
| services.headscale.settings.dns.extra_records.*.value | DNS record value (IP address).
|
| services.matrix-appservice-irc.settings.ircService.mediaProxy.signingKeyPath | Path to the signing key file for authenticated media.
|
| services.matrix-synapse.settings.public_baseurl | The public-facing base URL for the client API (not including _matrix/...)
|
| services.journald.upload.settings.Upload.NetworkTimeoutSec | When network connectivity to the server is lost, this option
configures the time to wait for the connectivity to get restored
|
| services.parsedmarc.settings.elasticsearch.ssl | Whether to use an encrypted SSL/TLS connection.
|
| virtualisation.xen.store.settings.xenstored.log.level | Logging level for the Xen Store.
|
| services.grafana.provision.alerting.muteTimings.settings.apiVersion | Config file version.
|
| services.dependency-track.settings."alpine.database.mode" | Defines the database mode of operation
|
| services.kerberos_server.settings.realms.<name>.acl | The privileges granted to a user.
|
| services.hddfancontrol.settings.<drive-bay-name>.logVerbosity | Verbosity of the log level
|
| services.tor.settings.UseMicrodescriptors | See torrc manual.
|
| services.nvme-rs.settings.thresholds.wear_critical | Wear critical threshold (%)
|
| services.mchprs.settings.block_in_hitbox | Allow placing blocks inside of players
(hitbox logic is simplified)
|
| services.transmission.settings.incomplete-dir | When enabled with
services.transmission.home
services.transmission.settings.incomplete-dir-enabled,
new torrents will download the files to this directory
|
| services.prometheus.exporters.script.settings.scripts.*.script | Shell script to execute when metrics are requested.
|
| services.headscale.settings.prefixes.allocation | Strategy used for allocation of IPs to nodes, available options:
- sequential (default): assigns the next free IP from the previous given IP.
- random: assigns the next free IP from a pseudo-random IP generator (crypto/rand).
|
| services.slskd.settings.retention.transfers.upload.cancelled | Lifespan of cancelled upload tasks.
|
| services.system76-scheduler.settings.processScheduler.enable | Tweak scheduling of individual processes in real time.
|
| services.slskd.settings.retention.transfers.upload.succeeded | Lifespan of succeeded upload tasks.
|
| services.transmission.settings.trash-original-torrent-files | Whether to delete torrents added from the
services.transmission.settings.watch-dir.
|
| services.nextcloud-spreed-signaling.settings.backend.allowall | Allow any hostname as backend endpoint
|
| security.agnos.settings.dns_listen_addr | Address for agnos to listen on
|
| services.parsedmarc.settings.elasticsearch.user | Username to use when connecting to Elasticsearch, if
required.
|
| services.nvme-rs.settings.thresholds.temp_critical | Temperature critical threshold (°C)
|
| services.nvme-rs.settings.thresholds.spare_warning | Available spare warning threshold (%)
|
| documentation.man.mandoc.settings.output.includes | A string of relative path used as a template for the output path of
linked header files (usually via the In macro) in HTML output
|
| services.matrix-continuwuity.settings.global.address | Addresses (IPv4 or IPv6) to listen on for connections by the reverse proxy/tls terminator
|
| services.grafana.provision.alerting.policies.settings.apiVersion | Config file version.
|
| services.easytier.instances.<name>.settings.network_name | EasyTier network name.
|
| services.grafana.provision.datasources.settings.apiVersion | Config file version.
|
| services.warpgate.settings.sso_providers.*.provider | SSO provider configurations.
|
| services.matrix-appservice-irc.settings.ircService.mediaProxy.ttlSeconds | Lifetime in seconds, that generated URLs stay valid
|
| services.homebridge.settings.accessories.*.accessory | Accessory type
|
| services.mpd.settings.music_directory | The directory or URI where MPD reads music from
|
| services.grafana.provision.alerting.muteTimings.settings.muteTimes.*.name | Name of the mute time interval, must be unique
|
| services.suricata.settings.exception-policy | Define a common behavior for all exception policies
|
| services.headscale.settings.dns.search_domains | Search domains to inject to Tailscale clients.
|
| services.archisteamfarm.settings | The ASF.json file, all the options are documented here
|
| services.stash.settings.sound_on_preview | Enable sound on mouseover previews
|
| services.stash.settings.preview_segments | Number of segments in a preview file
|
| services.reposilite.settings.compressionStrategy | Compression algorithm used by this instance of Reposilite.
none reduces usage of CPU & memory, but requires transfering more data.
|
| services.grafana.settings.database.query_retries | This setting applies to sqlite3 only and controls the number of times the system retries a query when the database is locked.
|
| services.angrr.settings.temporary-root-policies.<name>.filter.arguments | Extra command-line arguments pass to the external filter program.
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceMaxStreamsCloseCircuit | See torrc manual.
|
| services.grafana.settings.server.enforce_domain | Redirect to correct domain if the host header does not match the domain
|
| services.prometheus.exporters.script.settings.scripts.*.timeout | Optional timeout for the script in seconds.
|
| services.anubis.instances.<name>.settings.METRICS_BIND | The address Anubis' metrics server listens to
|
| services.parsedmarc.settings.elasticsearch.hosts | A list of Elasticsearch hosts to push parsed reports
to.
|
| services.warpgate.settings.postgres.external_port | The PostgreSQL listener is reachable via this port externally.
|
| services.grafana.provision.dashboards.settings.providers | List of dashboards to insert/update.
|