| services.v4l2-relayd.instances.<name>.name | The name of the instance.
|
| services.buildkite-agents.<name>.name | The name of the agent as seen in the buildkite dashboard.
|
| networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| users.users.<name>.home | The user's home directory.
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshSeconds | Periodically re-execute the wg utility every
this many seconds in order to let WireGuard notice DNS / hostname
changes
|
| networking.greTunnels.<name>.type | Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic.
|
| services.atalkd.interfaces.<name>.config | Optional configuration string for this interface.
|
| networking.bonds.<name>.miimon | DEPRECATED, use driverOptions
|
| networking.jool.siit | Definitions of SIIT instances of Jool
|
| networking.macvlans.<name>.mode | The mode of the macvlan device.
|
| services.varnish.listen.*.name | Name is referenced in logs
|
| networking.greTunnels.<name>.local | The address of the local endpoint which the remote
side should send packets to.
|
| services.prosody.muc.*.name | The name to return in service discovery responses for the MUC service itself
|
| programs.regreet.theme.name | Name of the theme to use for regreet.
|
| boot.zfs.pools.<name>.devNodes | Name of directory from which to import ZFS device, this is passed to zpool import
as the value of the -d option
|
| users.users.<name>.uid | The account UID
|
| services.i2pd.proto.socksProxy.name | The endpoint name.
|
| services.opengfw.rules.*.name | Name of the rule.
|
| networking.jool.nat64.<name>.global.pool6 | The prefix used for embedding IPv4 into IPv6 addresses
|
| networking.jool.nat64 | Definitions of NAT64 instances of Jool
|
| boot.iscsi-initiator.name | Name of the iSCSI initiator to boot from
|
| power.ups.ups.<name>.port | The serial port to which your UPS is connected. /dev/ttyS0 is
usually the first port on Linux boxes, for example.
|
| services.authelia.instances.<name>.name | Name is used as a suffix for the service name, user, and group
|
| services.crowdsec.name | Name of the machine when registering it at the central or local api.
|
| services.tt-rss.database.name | Name of the existing database.
|
| programs.nix-required-mounts.allowedPatterns.<name>.paths | A list of glob patterns, indicating which paths to expose to the sandbox
|
| users.users.<name>.homeMode | The user's home directory mode in numeric format
|
| hardware.deviceTree.name | The name of an explicit dtb to be loaded, relative to the dtb base
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshRestartSeconds | When the dynamic endpoint refresh that is configured via
dynamicEndpointRefreshSeconds exits (likely due to a failure),
restart that service after this many seconds
|
| networking.greTunnels.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| services.netbird.tunnels.<name>.service.name | A systemd service name to use (without .service suffix).
|
| services.netbird.clients.<name>.service.name | A systemd service name to use (without .service suffix).
|
| networking.supplicant.<name>.bridge | Name of the bridge interface that wpa_supplicant should listen at.
|
| services.mysql.galeraCluster.name | The logical name of the Galera cluster
|
| services.postfix.settings.master.<name>.name | The name of the service to run
|
| users.users.<name>.group | The user's primary group.
|
| services.sabnzbd.settings.servers.<name>.name | The name of the server
|
| services.mysql.ensureUsers.*.name | Name of the user to ensure.
|
| services.ente.api.settings.db.name | The database name
|
| services.i2pd.proto.i2pControl.name | The endpoint name.
|
| services.dovecot2.mailboxes.<name>.name | The name of the mailbox.
|
| services.gitea.database.name | Database name.
|
| services.movim.database.name | Database name.
|
| programs.regreet.iconTheme.name | Name of the icon theme to use for regreet.
|
| services.heartbeat.name | Name of the beat
|
| services.mediawiki.name | Name of the wiki.
|
| services.teeworlds.name | Name of the server.
|
| services.snipe-it.database.name | Database name.
|
| networking.wlanInterfaces.<name>.device | The name of the underlying hardware WLAN device as assigned by udev.
|
| services.firezone.relay.name | The name of this gateway as shown in firezone
|
| services.oauth2-proxy.cookie.name | The name of the cookie that the oauth_proxy creates.
|
| services.openiscsi.name | Name of this iscsi initiator
|
| services.wordpress.sites.<name>.database.name | Database name.
|
| networking.bonds.<name>.driverOptions | Options for the bonding driver
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.rules | Rich rules for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|
| networking.fooOverUDP.<name>.protocol | Protocol number of the encapsulated packets
|
| services.h2o.hosts.<name>.serverName | Server name to be used for this virtual host
|
| services.mtr-exporter.jobs.*.name | Name of ICMP pinging job.
|
| services.davis.database.name | Database name, only used when the databse is created locally.
|
| networking.vlans.<name>.interface | The interface the vlan will transmit packets through.
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.name | The name of this authentication provider
|
| users.groups.<name>.gid | The group GID
|
| services.docuseal.redis.name | Name of the redis server
|
| services.i2pd.websocket.name | The endpoint name.
|
| services.monica.database.name | Database name.
|
| services.moodle.database.name | Database name.
|
| services.zammad.database.name | Database name.
|
| services.wyoming.piper.servers.<name>.zeroconf.name | The advertised name for zeroconf discovery.
|
| networking.jool.siit.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| services.immich.database.name | The name of the immich database.
|
| programs.nix-required-mounts.allowedPatterns.<name>.onFeatures | Which requiredSystemFeatures should trigger relaxation of the sandbox
|
| services.nsd.zones.<name>.notify | This primary server will notify all given secondary servers about
zone changes
|
| services.sympa.database.name | Database name
|
| networking.nftables.tables.<name>.enable | Enable this table.
|
| networking.nftables.tables.<name>.family | Table family.
|
| services.firewalld.zones.<name>.ports.*.port | |
| services.wakapi.database.name | The name of the database to use for Wakapi.
|
| hardware.sata.timeout.drives.*.name | Drive name without the full path.
|
| services.zabbixWeb.database.name | Database name.
|
| services.tinc.networks.<name>.hosts | The name of the host in the network as well as the configuration for that host
|
| services.rsync.jobs.<name>.user | The name of an existing user account under which the rsync process should run.
|
| services.firezone.server.provision.accounts.<name>.actors.<name>.name | The name of this actor
|
| services.firezone.server.provision.accounts.<name>.groups.<name>.name | The name of this group
|
| services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|
| networking.bonds.<name>.lacp_rate | DEPRECATED, use driverOptions
|
| power.ups.ups.<name>.driver | Specify the program to run to talk to this UPS. apcsmart,
bestups, and sec are some examples.
|
| services.xinetd.services.*.name | Name of the service.
|
| users.extraUsers.<name>.home | The user's home directory.
|
| users.extraUsers.<name>.homeMode | The user's home directory mode in numeric format
|
| networking.jool.nat64.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| programs.regreet.cursorTheme.name | Name of the cursor theme to use for regreet.
|
| services.firezone.gui-client.name | The name of this client as shown in firezone
|
| services.tomcat.virtualHosts.*.name | name of the virtualhost
|
| networking.wireless.networks.<name>.pskRaw | Either the raw pre-shared key in hexadecimal format
or the name of the secret (as defined inside
networking.wireless.secretsFile and prefixed
with ext:) containing the network pre-shared key.
Be aware that this will be written to the Nix store
in plaintext! Always use an external reference.
The external secret can be either the plaintext
passphrase or the raw pre-shared key.
Mutually exclusive with psk and auth.
|
| services.syncthing.settings.devices.<name>.name | The name of the device.
|
| containers.<name>.extraVeths.<name>.forwardPorts | List of forwarded ports from host to container
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.hostPort | Source port of the external interface on host
|
| services.radicle.ci.adapters.native.instances.<name>.name | Adapter name that is used in the radicle-ci-broker configuration
|