| services.influxdb2.provision.initialSetup.passwordFile | Password for primary user
|
| services.jibri.xmppEnvironments.<name>.call.login.passwordFile | File containing the password for the user.
|
| programs.tsmClient.servers.<name>.genPasswd | Whether to enable automatic client password generation
|
| services.mastodon.elasticsearch.passwordFile | Path to file containing password for optionally authenticating with Elasticsearch.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.password | The password for this entry
|
| services.invoiceplane.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.icingaweb2.modules.monitoring.transports.<name>.password | Password for the api transport
|
| services.jibri.xmppEnvironments.<name>.control.login.passwordFile | File containing the password for the user.
|
| services.parsedmarc.settings.elasticsearch.password | The password to use when connecting to Elasticsearch,
if required
|
| services.prometheus.exporters.nextcloud.passwordFile | File containing the password for connecting to Nextcloud
|
| networking.openconnect.interfaces.<name>.passwordFile | File containing the password to authenticate with
|
| services.prometheus.exporters.imap-mailstat.accounts.<name>.password | |
| services.moodle.initialPassword | Specifies the initial password for the admin, i.e. the password assigned if the user does not already exist
|
| services.matrix-appservice-irc.passwordEncryptionKeyLength | Length of the key to encrypt IRC passwords with
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.password | Consul password
|
| services.prometheus.remoteRead.*.basic_auth.password_file | HTTP password file
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.passwordFile | The password for this entry, read from the given file when starting hostapd
|
| services.prometheus.remoteWrite.*.basic_auth.password_file | HTTP password file
|
| virtualisation.oci-containers.containers.<name>.login.passwordFile | Path to file containing password.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.basic_auth.password | HTTP password
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.password | HTTP password
|
| services.headscale.settings.database.postgres.password_file | A file containing the password corresponding to
database.user.
|
| services.nifi.initPasswordFile | nitial password for Apache NiFi
|
| services.prometheus.scrapeConfigs.*.basic_auth.password_file | HTTP password file
|
| programs._1password.enable | Whether to enable the 1Password CLI tool.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.basic_auth.password | HTTP password
|
| programs._1password-gui.enable | Whether to enable the 1Password GUI application.
|
| services.croc.pass | Password or passwordfile for the relay.
|
| programs._1password.package | The 1Password CLI package to use.
|
| services.nvme-rs.settings.email.smtp_password_file | File containing SMTP password
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.basic_auth.password | HTTP password
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.basic_auth.password | HTTP password
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.basic_auth.password | HTTP password
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.basic_auth.password | HTTP password
|
| programs._1password-gui.package | The 1Password GUI package to use.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.password | Credentials are used to authenticate the requests to Uyuni API.
|
| services.prometheus.exporters.fritz.settings.devices.*.password_file | Path to a file which contains the password to authenticate with the target device
|
| security.pam.services.<name>.allowNullPassword | Whether to allow logging into accounts that have no password
set (i.e., have an empty password field in
/etc/passwd or
/etc/group)
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.basic_auth.password | HTTP password
|
| services.matrix-appservice-irc.settings.ircService.passwordEncryptionKeyPath | Location of the key with which IRC passwords are encrypted
for storage
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.password | password for the Identity V2 and V3 APIs
|
| services.cadvisor.storageDriverPassword | Cadvisor storage driver password
|
| security.pam.enableFscrypt | Whether to enable fscrypt, to automatically unlock directories with the user's login password
|
| services.pgadmin.emailServer.enable | Whether to enable SMTP email server
|
| services.rspamd-trainer.secrets | A list of files containing the various secrets
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.basic_auth.password | HTTP password
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.basic_auth.password | HTTP password
|
| services.jupyter.notebookConfig | Raw jupyter config
|
| services.postgrest.pgpassFile | The password to authenticate to PostgreSQL with
|
| services.jirafeau.adminPasswordSha256 | SHA-256 of the desired administration password
|
| services.maubot.settings.admins | List of administrator users
|
| services.webdav.settings | Attrset that is converted and passed as config file
|
| users.mysql.pam.statusColumn | The name of the column or an SQL expression that indicates the status of
the user
|
| programs._1password-gui.polkitPolicyOwners | A list of users who should be able to integrate 1Password with polkit-based authentication mechanisms.
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.basic_auth.password | HTTP password
|
| programs.msmtp.accounts | Named accounts and their respective configurations
|
| services.slurm.dbdserver.storagePassFile | Path to file with database password
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.basic_auth.password | HTTP password
|
| services.wg-access-server.secretsFile | yaml file containing all secrets. this needs to be in the same structure as the configuration
|
| boot.initrd.luks.gpgSupport | Enables support for authenticating with a GPG encrypted password.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.pgadmin.initialPasswordFile | Initial password file for the pgAdmin account
|
| services.amule.settings.WebServer.Password | MD5 hash of the password, obtainaible with echo "<password>" | md5sum | cut -d ' ' -f 1
|
| services.grafana.settings.security.admin_password | Default admin password
|
| security.pam.enableOTPW | Whether to enable the OTPW (one-time password) PAM module.
|
| services.postfixadmin.setupPasswordFile | Password file for the admin
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.basic_auth.password | HTTP password
|
| services.i2pd.proto.http.pass | Password for webconsole access.
|
| security.pam.oath.digits | Specify the lib.length of the one-time password in number of
digits.
|
| security.pam.oath.enable | Enable the OATH (one-time password) PAM module.
|
| users.mysql.pam.updateTable | The name of the table used for password alteration
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.graylog.rootPasswordSha2 | You MUST specify a hash password for the root user (which you only need to initially set up the
system and in case you lose connectivity to your authentication backend)
This password cannot be changed using the API or via the web interface
|
| security.pam.services.<name>.kwallet.enable | If enabled, pam_wallet will attempt to automatically unlock the
user's default KDE wallet upon login
|
| services.resilio.httpPass | HTTP web login password.
|
| services.keycloak.initialAdminPassword | Initial password set for the temporary admin user
|
| services.openvpn.servers.<name>.authUserPass | This option can be used to store the username / password credentials
with the "auth-user-pass" authentication method
|
| services.lldap.silenceForceUserPassResetWarning | Disable warning when the admin password is set declaratively with the ldap_user_pass_file setting
but the force_ldap_user_pass_reset is set to false
|
| programs.udevil.enable | Whether to enable udevil, to mount filesystems without password.
|
| security.pam.services.<name>.enableGnomeKeyring | If enabled, pam_gnome_keyring will attempt to automatically unlock the
user's default Gnome keyring upon login
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.basic_auth.password_file | HTTP password file
|
| security.doas.extraRules.*.noPass | If true, the user is not required to enter a
password.
|
| services.nextcloud.config.adminpassFile | The full path to a file that contains the admin's password
|
| services.diod.userdb | This option disables password/group lookups
|
| services.tt-rss.email.fromName | Name for sending outgoing mail
|
| services.wstunnel.clients.<name>.httpProxy | Proxy to use to connect to the wstunnel server (USER:PASS@HOST:PORT).
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the environmentFile option
to a file containing PROXY_PASSWORD=<your-password-here> and set
this option to <user>:$PROXY_PASSWORD@<host>:<port>
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.postgres-websockets.pgpassFile | The password to authenticate to PostgreSQL with
|
| services.patroni.dataDir | Folder where Patroni data will be written, this is where the pgpass password file will be written.
|
| services.blendfarm.basicSecurityPasswordFile | Path to the password file the client needs to connect to the server
|
| services.kanidm.provision.idmAdminPasswordFile | Path to a file containing the idm admin password for kanidm
|
| services.anki-sync-server.users | List of user-password pairs to provide to the sync server.
|
| services.athens.basicAuthPass | Password for basic auth
|
| services.factorio.token | Authentication token
|
| services.ncdns.enable | Whether to enable ncdns, a Go daemon to bridge Namecoin to DNS
|
| services.prometheus.remoteRead.*.basic_auth | Sets the Authorization header on every remote read request with the
configured username and password.
password and password_file are mutually exclusive.
|