| services.strongswan-swanctl.swanctl.authorities.<name>.file | Absolute path to the certificate to load
|
| services.gitlab.workhorse.config | Configuration options to add to Workhorse's configuration
file
|
| virtualisation.fileSystems.<name>.label | Label of the device
|
| services.filesender.database.passwordFile | A file containing the password corresponding to
services.filesender.database.user.
|
| services.seafile.workers | The number of gunicorn worker processes for handling requests.
|
| services.filesender.enable | Whether to enable FileSender.
|
| services.prometheus.scrapeConfigs.*.file_sd_configs | List of file service discovery configurations.
|
| programs.dconf.profiles | Attrset of dconf profiles
|
| services.gatus.environmentFile | File to load as environment file
|
| services.discourse.siteSettings | Discourse site settings
|
| services.monica.config | monica configuration options to set in the
.env file
|
| services.matrix-synapse.settings.pid_file | The file to store the PID in.
|
| security.acme.certs.<name>.profile | The certificate profile to choose if the CA offers multiple profiles.
|
| services.disnix.profiles | Names of the Disnix profiles to expose in the system's PATH
|
| services.bcg.environmentFiles | File to load as environment file
|
| services.filebrowser.enable | Whether to enable FileBrowser.
|
| services.cachix-agent.profile | Profile name, defaults to 'system' (NixOS).
|
| services.zeronet.fileserverPort | Zeronet fileserver port.
|
| services.hardware.openrgb.startupProfile | The profile file to load from "/var/lib/OpenRGB" at startup.
|
| systemd.user.tmpfiles.rules | Global user rules for creation, deletion and cleaning of volatile and
temporary files automatically
|
| virtualisation.fileSystems.<name>.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| services.asusd.profileConfig | The content of /etc/asusd/profile.ron
|
| virtualisation.fileSystems.<name>.autoFormat | If the device does not currently contain a filesystem (as
determined by blkid), then automatically
format it with the filesystem type specified in
fsType
|
| virtualisation.fileSystems.<name>.autoResize | If set, the filesystem is grown to its maximum size before
being mounted. (This is typically the size of the containing
partition.) This is currently only supported for ext2/3/4
filesystems that are mounted during early boot.
|
| services.oauth2-proxy.profileURL | Profile access endpoint.
|
| services.suricata.settings.pcap-file.checksum-checks | Possible values are:
- yes: checksum validation is forced
- no: checksum validation is disabled
- auto: Suricata uses a statistical approach to detect when
checksum off-loading is used. (default)
Warning: 'checksum-validation' must be set to yes to have checksum tested.
|
| security.sudo.configFile | This string contains the contents of the
sudoers file.
|
| services.nix-serve.secretKeyFile | The path to the file used for signing derivation data
|
| systemd.user.tmpfiles.enable | Whether to enable systemd user units systemd-tmpfiles-setup.service and systemd-tmpfiles-clean.timer.
|
| security.pam.u2f.enable | Enables U2F PAM (pam-u2f) module
|
| services.unbound.checkconf | Whether to check the resulting config file with unbound checkconf for syntax errors
|
| services.traefik.dynamic.files.<name>.settings | Dynamic configuration for Traefik, written in Nix.
This will be serialized to JSON (which is considered valid YAML) at build, and passed as part of the static file.
|
| programs.ssh.knownHosts.<name>.publicKeyFile | The path to the public key file for the host
|
| users.motdFile | A file containing the message of the day shown to users when they log in.
|
| security.sudo-rs.configFile | This string contains the contents of the
sudoers file.
|
| services.filebeat.inputs.<name>.type | The input type
|
| services.filesender.package | The filesender package to use.
|
| services.beesd.filesystems | BTRFS filesystems to run block-level deduplication on.
|
| services.stash.settings.video_file_naming_algorithm | Hash algorithm to use for generated file naming
|
| programs.schroot.profiles | Custom configuration profiles for schroot.
|
| services.usbguard.ruleFile | This tells the USBGuard daemon which file to load as policy rule set
|
| services.udev.extraHwdb | Additional hwdb files
|
| services.filebrowser.package | The filebrowser package to use.
|
| boot.resumeDevice | Device for manual resume attempt during boot
|
| services.jicofo.config | Contents of the jicofo.conf configuration file.
|
| services.geoipupdate.settings | geoipupdate configuration options
|
| services.lact.settings | Settings for LACT
|
| services.lokinet.settings.network.keyfile | The private key to persist address with
|
| virtualisation.fileSystems.<name>.stratis.poolUuid | UUID of the stratis pool that the fs is located in
This is only relevant if you are using stratis.
|
| services.filesender.localDomain | The domain serving your FileSender instance.
|
| services.nsd.zonefilesCheck | Whether to check mtime of all zone files on start and sighup.
|
| services.thanos.query.store.sd-files | Path to files that contain addresses of store API servers
|
| services.angrr.settings.profile-policies.<name>.profile-paths | Paths to the Nix profile
|
| virtualisation.fileSystems.<name>.depends | List of paths that should be mounted before this one
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.file | Absolute path to the certificate to load
|
| services.agorakit.config | Agorakit configuration options to set in the
.env file
|
| services.onlyoffice.securityNonceFile | File holding nginx configuration that sets the nonce used to create secret links
|
| security.pam.oath.usersFile | Set the path to file where the user's credentials are
stored
|
| services.documize.key | The key.pem file used for https.
|
| systemd.mounts.*.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.paths.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.units.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| virtualisation.fileSystems.<name>.device | The device as passed to mount
|
| services.ifm.enable | Whether to enable Improved file manager, a single-file web-based filemanager
Lightweight and minimal, served using PHP's built-in server
.
|
| services.grafana.settings.server.cert_file | Path to the certificate file (if protocol is set to https or h2).
|
| boot.initrd.luks.devices.<name>.keyFileSize | The size of the key file
|
| services.immich.secretsFile | Path of a file with extra environment variables to be loaded from disk
|
| services.mpd.settings.db_file | The path to MPD's database.
|
| services.mqtt2influxdb.mqtt.cafile | Certification Authority file for MQTT
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.file | Absolute path to the certificate to load
|
| services.go-camo.keyFile | A file containing the HMAC key to use for signing URLs
|
| services.tcsd.stateDir | The location of the system persistent storage file
|
| services.filebeat.inputs | Inputs specify how Filebeat locates and processes input data
|
| virtualisation.fileSystems.<name>.encrypted.blkDev | Location of the backing encrypted device.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.argument | An argument whose meaning depends on the type of operation
|
| services.seafile.seahubPackage | The seahub package to use.
|
| services.zwave-js.secretsConfigFile | JSON file containing secret keys
|
| services.diod.exportall | Export all file systems listed in /proc/mounts
|
| services.netbird.clients.<name>.dir.state | A state directory used by NetBird client to store config.json, state.json & resolv.conf.
|
| services.netbird.tunnels.<name>.dir.state | A state directory used by NetBird client to store config.json, state.json & resolv.conf.
|
| services.documize.cert | The cert.pem file used for https.
|
| services.udev.extraRules | Additional udev rules
|
| systemd.slices.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.timers.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.powerdns.secretFile | Environment variables from this file will be interpolated into the
final config file using envsubst with this syntax: $ENVIRONMENT
or ${VARIABLE}
|
| services.disnix.enableProfilePath | Whether to enable exposing the Disnix profiles in the system's PATH.
|
| services.mqtt2influxdb.mqtt.keyfile | Key file for MQTT
|
| services.filebrowser.settings | Settings for FileBrowser
|
| services.nghttpx.rlimit-nofile | Set maximum number of open files (RLIMIT_NOFILE) to <N>
|
| systemd.user.units.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.user.paths.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.httpd.phpOptions | Options appended to the PHP configuration file php.ini.
|
| services.nsd.zones.<name>.data | The actual zone data
|
| virtualisation.fileSystems.<name>.overlay.workdir | The path to the workdir
|
| services.filebrowser.settings.root | The directory where FileBrowser stores files.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.file | Absolute path to the certificate to load
|
| services.filesender.settings | Configuration options used by FileSender
|
| services.filesender.poolSettings | Options for FileSender's PHP pool
|
| environment.profiles | A list of profiles used to setup the global environment.
|
| security.acme.defaults.profile | The certificate profile to choose if the CA offers multiple profiles.
|