| services.libreswan.disableRedirects | Whether to disable send and accept redirects for all network interfaces
|
| services.tarsnap.archives.<name>.cachedir | The cache allows tarsnap to identify previously stored data
blocks, reducing archival time and bandwidth usage
|
| services.mediawiki.httpd.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| fileSystems.<name>.overlay.upperdir | The path to the upperdir
|
| fileSystems.<name>.overlay.lowerdir | The list of path(s) to the lowerdir(s)
|
| services.openssh.authorizedKeysInHomedir | Enables the use of the ~/.ssh/authorized_keys file
|
| services.bacula-sd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| services.bacula-fd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| services.fedimintd.<name>.nginx.config.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.veilid.settings.core.protected_store.directory | The filesystem directory to store your protected store in.
|
| services.bacula-sd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| services.bacula-fd.director.<name>.tls.verifyPeer | Verify peer certificate
|
| services.fedimintd.<name>.nginx.config.redirectCode | HTTP status used by globalRedirect and forceSSL
|
| services.biboumi.settings.policy_directory | A directory that should contain the policy files,
used to customize Botan’s behaviour
when negotiating the TLS connections with the IRC servers.
|
| services.limesurvey.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.kerberos_server.settings.includedir | Directories containing files to include in the Kerberos configuration.
|
| services.bitwarden-directory-connector-cli.ldap.ssl | Whether to use TLS.
|
| services.tarsnap.archives.<name>.directories | List of filesystem paths to archive.
|
| services.limesurvey.httpd.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.bitwarden-directory-connector-cli.ldap.ad | Whether the LDAP Server is an Active Directory.
|
| services.rustus.storage.dir_structure | pattern of a directory structure locally and on s3
|
| services.wordpress.sites.<name>.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.limesurvey.nginx.virtualHost.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.bitwarden-directory-connector-cli.ldap.port | Port LDAP is accessible on.
|
| services.bitwarden-directory-connector-cli.user | User to run the program.
|
| services.limesurvey.nginx.virtualHost.redirectCode | HTTP status used by globalRedirect and forceSSL
|
| services.bitwarden-directory-connector-cli.sync.users | Sync users.
|
| services.redsocks.redsocks.*.redirectInternetOnly | Exclude all non-globally-routable IPs from redsocks
|
| services.bitwarden-directory-connector-cli.ldap.rootPath | Root path for LDAP.
|
| services.vdirsyncer.jobs.<name>.additionalGroups | additional groups to add the dynamic user to
|
| services.bacula-sd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| services.bacula-fd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| programs.direnv.enableZshIntegration | Whether to enable Zsh integration
.
|
| services.bitwarden-directory-connector-cli.sync.userPath | User directory, relative to root.
|
| services.bitwarden-directory-connector-cli.ldap.startTls | Whether to use STARTTLS.
|
| services.nomad.extraSettingsPlugins | Additional plugins dir used to configure nomad.
|
| services.misskey.reverseProxy.webserver.nginx.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| services.postgresql.initdbArgs | Additional arguments passed to initdb during data dir
initialisation.
|
| programs.direnv.enableBashIntegration | Whether to enable Bash integration
.
|
| programs.direnv.enableFishIntegration | Whether to enable Fish integration
.
|
| services.bitwarden-directory-connector-cli.sync.groupPath | Group directory, relative to root.
|
| services.misskey.reverseProxy.webserver.nginx.redirectCode | HTTP status used by globalRedirect and forceSSL
|
| services.bitwarden-directory-connector-cli.sync.groups | Whether to sync ldap groups into BitWarden.
|
| services.maubot.settings.plugin_directories.load | The directories from which plugins should be loaded
|
| services.maubot.settings.plugin_directories | Plugin directory paths
|
| services.bitwarden-directory-connector-cli.domain | The domain the Bitwarden/Vaultwarden is accessible on.
|
| services.akkoma.config.":pleroma".":instance".upload_dir | Directory where Akkoma will put uploaded files.
|
| services.mpd.settings.playlist_directory | The directory where MPD stores playlists
|
| services.bacula-sd.director.<name>.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.bacula-fd.director.<name>.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.bitwarden-directory-connector-cli.enable | Whether to enable Bitwarden Directory Connector.
|
| services.fedimintd.<name>.dataDir | Path to the data dir fedimintd will use to store its data
|
| services.mobilizon.settings.":mobilizon"."Mobilizon.Storage.Repo".socket_dir | Path to the postgres socket directory
|
| services.bitwarden-directory-connector-cli.sync.userFilter | LDAP filter for users.
|
| programs.direnv.enableXonshIntegration | Whether to enable Xonsh integration
.
|
| services.maubot.settings.plugin_directories.trash | The directory where old plugin versions and conflicting plugins should be moved
|
| services.maubot.settings.plugin_directories.upload | The directory where uploaded new plugins should be stored.
|
| services.nghttpx.backends.*.params.redirect-if-not-tls | If true, a backend match requires the frontend connection be
TLS encrypted
|
| services.bitwarden-directory-connector-cli.ldap | Options to configure the LDAP connection
|
| services.bitwarden-directory-connector-cli.sync | Options to configure what gets synced
|
| security.auditd.plugins.<name>.direction | The option is dictated by the plugin
|
| services.bitwarden-directory-connector-cli.sync.groupFilter | LDAP filter for groups.
|
| services.rstudio-server.serverWorkingDir | Default working directory for server (server-working-dir in rserver.conf).
|
| services.nextcloud.settings.skeletondirectory | The directory where the skeleton files are located
|
| services.bitwarden-directory-connector-cli.secrets.ldap | Path to file that contains LDAP password for user in {option}`ldap.username
|
| services.bitwarden-directory-connector-cli.sync.emailSuffix | Suffix for the email, normally @example.com.
|
| services.bitwarden-directory-connector-cli.sync.largeImport | Enable if you are syncing more than 2000 users/groups.
|
| services.bitwarden-directory-connector-cli.ldap.pagedSearch | Whether the LDAP server paginates search results.
|
| services.bitwarden-directory-connector-cli.package | The bitwarden-directory-connector-cli package to use.
|
| services.bitwarden-directory-connector-cli.ldap.username | The user to authenticate as.
|
| services.bitwarden-directory-connector-cli.sync.userObjectClass | Class that users must have.
|
| services.bitwarden-directory-connector-cli.ldap.hostname | The host the LDAP is accessible on.
|
| programs.tsmClient.servers.<name>.passworddir | Directory that holds the TSM
node's password information.
|
| services.bitwarden-directory-connector-cli.sync.groupObjectClass | A class that groups will have.
|
| services.bitwarden-directory-connector-cli.interval | The interval when to run the connector
|
| services.borgmatic.settings.source_directories | List of source directories and files to backup
|
| services.akkoma.config.":pleroma".":instance".static_dir | Directory of static files
|
| documentation.nixos.checkRedirects | Check redirects for manualHTML.
|
| services.bitwarden-directory-connector-cli.sync.useEmailPrefixSuffix | If a user has no email address, combine a username prefix with a suffix value to form an email.
|
| services.bitwarden-directory-connector-cli.sync.removeDisabled | Remove users from bitwarden groups if no longer in the ldap group.
|
| networking.nftables.checkRulesetRedirects | Set of paths that should be intercepted and rewritten while checking the ruleset
using pkgs.buildPackages.libredirect.
|
| services.postgresqlWalReceiver.receivers.<name>.directory | Directory to write the output to.
|
| services.blockbook-frontend.<name>.cssDir | Location of the dir with main.css CSS file
|
| services.redsocks.redsocks.*.redirectCondition | Conditions to make outbound packets go through this redsocks
instance
|
| services.cyrus-imap.imapdSettings.configdirectory | The pathname of the IMAP configuration directory.
|
| services.bitwarden-directory-connector-cli.sync.groupNameAttribute | Attribute for a name of group.
|
| services.bitwarden-directory-connector-cli.sync.userEmailAttribute | Attribute for a users email.
|
| services.bitwarden-directory-connector-cli.sync.memberAttribute | Attribute that lists members in a LDAP group.
|
| virtualisation.directBoot.initrd | In direct boot situations, you may want to influence the initrd to load
to use your own customized payload
|
| services.kanidm.provision.systems.oauth2.<name>.enableLocalhostRedirects | Allow localhost redirects
|
| services.bitwarden-directory-connector-cli.sync.emailPrefixAttribute | The attribute that contains the users username.
|
| services.neo4j.directories.certificates | Directory for storing certificates to be used by Neo4j for
TLS connections
|
| services.bitwarden-directory-connector-cli.sync.overwriteExisting | Remove and re-add users/groups, See https://bitwarden.com/help/user-group-filters/#overwriting-syncs for more details.
|
| services.bitwarden-directory-connector-cli.sync.creationDateAttribute | Attribute that lists a user's creation date.
|
| services.bacula-sd.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.bacula-fd.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.paperless.consumptionDirIsPublic | Whether all users can write to the consumption dir.
|
| virtualisation.fileSystems.<name>.overlay.workdir | The path to the workdir
|
| virtualisation.directBoot.enable | If enabled, the virtual machine will boot directly into the kernel instead of through a bootloader
|
| virtualisation.fileSystems.<name>.overlay.upperdir | The path to the upperdir
|