| systemd.user.paths.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.user.sockets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.user.targets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.strongswan-swanctl.swanctl.secrets.token.<name>.pin | Optional PIN required to access the key on the token
|
| services.buildkite-agents.<name>.runtimePackages | Add programs to the buildkite-agent environment
|
| services.strongswan-swanctl.swanctl.secrets.rsa.<name>.secret | Value of decryption passphrase for RSA key.
|
| services.invoiceplane.sites.<name>.settings | Structural InvoicePlane configuration
|
| services.hostapd.radios.<name>.wifi7.singleUserBeamformee | EHT single user beamformee support
|
| services.hostapd.radios.<name>.wifi7.singleUserBeamformer | EHT single user beamformer support
|
| services.fedimintd.<name>.consensus.finalityDelay | Consensus peg-in finality delay.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.priority | Optional fixed priority for IPsec policies
|
| services.limesurvey.virtualHost.locations.<name>.alias | Alias directory for requests
|
| services.limesurvey.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.radicle.httpd.nginx.serverName | Name of this virtual host
|
| services.bind.enable | Whether to enable BIND domain name server.
|
| services.authelia.instances.<name>.settings.server.address | The address to listen on.
|
| services.bcg.automaticRenameNodes | Automatically rename all nodes.
|
| services.keepalived.vrrpInstances.<name>.virtualIps | Declarative vhost config
|
| services.beesd.filesystems.<name>.hashTableSizeMB | Hash table size in MB; must be a multiple of 16
|
| services.zeronsd.servedNetworks.<name>.settings.wildcard | Whether to serve a wildcard record for ZeroTier Nodes.
|
| services.kanidm.provision.systems.oauth2.<name>.originLanding | When redirecting from the Kanidm Apps Listing page, some linked applications may need to land on a specific page to trigger oauth2/oidc interactions.
|
| security.acme.certs.<name>.postRun | Commands to run after new certificates go live
|
| services.botamusique.settings.bot.username | Name the bot should appear with.
|
| services.radicle.ci.adapters.native.instances.<name>.settings.state | Directory where per-run directories are stored.
|
| services.limesurvey.nginx.virtualHost.locations.<name>.alias | Alias directory for requests.
|
| services.limesurvey.nginx.virtualHost.locations.<name>.index | Adds index directive.
|
| services.h2o.hosts.<name>.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| networking.vlans.<name>.id | The vlan identifier
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.addressDescription | An optional description for resource address, usually a full link to the resource including a schema.
|
| systemd.user.services.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| environment.etc.<name>.user | User name of file owner
|
| hardware.alsa.cardAliases.<name>.id | The ID of the sound card
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.remote_ts | List of remote selectors to include in CHILD_SA
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rand_time | Time range from which to choose a random value to subtract from
rekey_time
|
| services.anuko-time-tracker.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.description | Optional description for the API token
|
| networking.sits.<name>.dev | The underlying network device on which the tunnel resides.
|
| services.vmalert.instances.<name>.settings."notifier.url" | Prometheus Alertmanager URL
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.mode | IPsec Mode to establish CHILD_SA with.
tunnel negotiates the CHILD_SA in IPsec Tunnel Mode,- whereas
transport uses IPsec Transport Mode.
transport_proxy signifying the special Mobile IPv6
Transport Proxy Mode.beet is the Bound End to End Tunnel mixture mode,
working with fixed inner addresses without the need to include them in
each packet.- Both
transport and beet modes are
subject to mode negotiation; tunnel mode is
negotiated if the preferred mode is not available.
pass and drop are used to install
shunt policies which explicitly bypass the defined traffic from IPsec
processing or drop it, respectively
|
| services.pcscd.extendReaderNames | String to append to every reader name
|
| security.acme.certs.<name>.email | Email address for account creation and correspondence from the CA
|
| users.extraGroups.<name>.members | The user names of the group members, added to the
/etc/group file.
|
| services.r53-ddns.domain | The name of your domain in Route53
|
| services.simplesamlphp.<name>.configDir | Path to the SimpleSAMLphp config directory.
|
| services.actual.settings.hostname | The address to listen on
|
| systemd.timers.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.slices.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.znc.confOptions.networks.<name>.hasBitlbeeControlChannel | Whether to add the special Bitlbee operations channel.
|
| services.angrr.settings.temporary-root-policies.<name>.enable | Whether to enable this angrr policy.
|
| services.fedimintd.<name>.nginx.config.sslCertificate | Path to server SSL certificate.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.limesurvey.httpd.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.limesurvey.httpd.virtualHost.locations.<name>.alias | Alias directory for requests
|
| services.snapserver.streams.<name>.location | For type pipe or file, the path to the pipe or file
|
| services.anuko-time-tracker.hostname | The hostname to serve Anuko Time Tracker on.
|
| systemd.network.networks.<name>.networkEmulatorConfig | Each attribute in this set specifies an option in the
[NetworkEmulator] section of the unit
|
| systemd.user.paths.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.user.paths.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| security.acme.certs.<name>.validMinDays | Minimum remaining validity before renewal in days.
|
| services.dawarich.sidekiqProcesses.<name>.jobClasses | If not empty, which job classes should be executed by this process.
If left empty, all job classes will be executed by this process.
|
| services.angrr.settings.profile-policies.<name>.keep-booted-system | Whether to keep the last booted system generation
|
| services.mosquitto.listeners.*.users.<name>.password | Specifies the (clear text) password for the MQTT User.
|
| services.jibri.xmppEnvironments.<name>.xmppServerHosts | Hostnames of the XMPP servers to connect to.
|
| services.sanoid.datasets.<name>.use_template | Names of the templates to use for this dataset.
|
| services.autorandr.profiles.<name>.hooks.postswitch | Postswitch hook executed after mode switch.
|
| services.strongswan-swanctl.swanctl.authorities.<name>.module | Optional PKCS#11 module name.
|
| users.extraUsers.<name>.autoSubUidGidRange | Automatically allocate subordinate user and group ids for this user
|
| programs.ssh.knownHosts.<name>.hostNames | A list of host names and/or IP numbers used for accessing
the host's ssh service
|
| services.firezone.server.smtp.username | Username to authenticate against the SMTP relay
|
| services.angrr.settings.temporary-root-policies.<name>.period | Retention period for the GC roots matched by this policy.
|
| services.angrr.settings.temporary-root-policies.<name>.path-regex | Regex pattern to match the GC root path.
|
| services.ghostunnel.servers.<name>.extraArguments | Extra arguments to pass to ghostunnel server
|
| services.vdirsyncer.jobs.<name>.additionalGroups | additional groups to add the dynamic user to
|
| services.jibri.xmppEnvironments.<name>.control.login.domain | The domain part of the JID for this Jibri instance.
|
| services.wyoming.faster-whisper.servers.<name>.initialPrompt | Optional text to provide as a prompt for the first window
|
| services.evremap.settings.device_name | The name of the device that should be remapped
|
| networking.sits.<name>.ttl | The time-to-live of the connection to the remote tunnel endpoint.
|
| users.extraUsers.<name>.subGidRanges.*.count | Count of subordinate group ids
|
| users.extraUsers.<name>.subUidRanges.*.count | Count of subordinate user ids
|
| services.bonsaid.settings.*.event_name | Name of the event which should trigger this transition when received by bonsaid
|
| services.postfixadmin.database.dbname | Name of the postgresql database
|
| services.wstunnel.servers.<name>.tlsCertificate | TLS certificate to use instead of the hardcoded one in case of HTTPS connections
|
| boot.initrd.luks.devices.<name>.gpgCard | The option to use this LUKS device with a GPG encrypted luks password by the GPG Smartcard
|
| services.klipper.firmwares.<name>.enableKlipperFlash | Whether to enable flashings scripts for firmware
|
| services.borgbackup.jobs.<name>.compression | Compression method to use
|
| services.fediwall.nginx.serverName | Name of this virtual host
|
| services.librenms.nginx.serverName | Name of this virtual host
|
| services.kanboard.nginx.serverName | Name of this virtual host
|
| services.dolibarr.nginx.serverName | Name of this virtual host
|
| services.agorakit.nginx.serverName | Name of this virtual host
|
| services.mainsail.nginx.serverName | Name of this virtual host
|
| services.pixelfed.nginx.serverName | Name of this virtual host
|
| services.fcron.allow | Users allowed to use fcrontab and fcrondyn (one name per
line, all for everyone).
|
| services.gancio.user | The user (and PostgreSQL database name) used to run the gancio server
|
| services.grafana.provision.datasources.settings.deleteDatasources.*.name | Name of the datasource to delete.
|
| services.bookstack.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.borgbackup.jobs.<name>.persistentTimer | Set the Persistent option for the
systemd.timer(5)
which triggers the backup immediately if the last trigger
was missed (e.g. if the system was powered down).
|
| users.users.<name>.expires | Set the date on which the user's account will no longer be
accessible
|
| services.tlsrpt.reportd.settings.dbname | Path to the sqlite database.
|
| users.extraUsers.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|