| services.dovecot2.pluginSettings | Plugin settings for dovecot in general, e.g. sieve, sieve_default, etc
|
| virtualisation.xen.store.settings.quota.maxPath | Path limit for the quota system.
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates.*.orgId | Organization ID, default = 1.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| services.matrix-synapse.settings.signing_key_path | Path to the signing key to sign messages with.
|
| services.matrix-synapse.settings.max_image_pixels | Maximum number of pixels that will be thumbnailed
|
| services.matrix-synapse.settings.media_store_path | Directory where uploaded images and attachments are stored.
|
| services.grafana.settings.database.isolation_level | Only the MySQL driver supports isolation levels in Grafana
|
| services.grafana.provision.datasources.settings.datasources.*.url | Url of the datasource.
|
| services.ergochat.configFile | Path to configuration file
|
| services.matrix-appservice-irc.settings.ircService.passwordEncryptionKeyPath | Location of the key with which IRC passwords are encrypted
for storage
|
| services.tor.settings.VersioningAuthoritativeDirectory | See torrc manual.
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates.*.name | Name of the template, must be unique
|
| services.swapspace.settings.cache_elasticity | Percentage of cache space considered to be "free"
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.nice | Niceness.
|
| services.headscale.settings.derp.update_frequency | Frequency to update DERP maps.
|
| services.headscale.settings.database.postgres.password_file | A file containing the password corresponding to
database.user.
|
| services.matrix-synapse.settings.listeners.*.bind_addresses | IP addresses to bind the listener to.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.user | The user of the file
|
| documentation.man.mandoc.settings.output.style | Path to the file used for an external style-sheet
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceNumIntroductionPoints | See torrc manual.
|
| services.healthchecks.settings.REGISTRATION_OPEN | A boolean that controls whether site visitors can create new accounts
|
| services.grafana.provision.datasources.settings.datasources.*.name | Name of the datasource
|
| services.grafana.provision.datasources.settings.datasources.*.type | Datasource type
|
| services.btrbk.instances.<name>.settings.stream_compress | Compress the btrfs send stream before transferring it from/to remote locations using a
compression command.
|
| services.snapserver.settings.stream.bind_to_address | Address to listen on for snapclient connections.
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.prio | CPU scheduler priority.
|
| services.system76-scheduler.settings.cfsProfiles.responsive.bandwidth-size | sched_cfs_bandwidth_slice_us.
|
| services.postgresql.settings.log_line_prefix | A printf-style string that is output at the beginning of each log line
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.ioPrio | IO scheduler priority.
|
| services.hickory-dns.configFile | Path to an existing toml file to configure hickory-dns with
|
| virtualisation.xen.store.settings.quota.maxWatch | Maximum number of watches by the Xenstore Watchdog.
|
| services.discourse.siteSettings | Discourse site settings
|
| documentation.man.mandoc.settings.output.toc | Whether to enable printing a table of contents near the beginning of the HTML output
of mandoc(1) if an input file contains at least two
non-standard sections
.
|
| services.kerberos_server.settings.realms.<name>.acl.*.access | The changes the principal is allowed to make.
The "all" permission does not imply the "get-keys" permission
|
| services.easytier.instances.<name>.settings.network_secret | EasyTier network credential used for verification and
encryption
|
| services.kerberos_server.settings.realms.<name>.acl.*.principal | Which principal the rule applies to
|
| services.maubot.settings.plugin_databases.postgres | The connection URL for plugin database
|
| virtualisation.xen.store.settings.quota.enable | Whether to enable the quota system.
|
| services.grafana.provision.datasources.settings.datasources.*.uid | Custom UID which can be used to reference this datasource in other parts of the configuration, if not specified will be generated automatically.
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.class | CPU scheduler class.
|
| services.hickory-dns.settings.listen_addrs_ipv4 | List of ipv4 addresses on which to listen for DNS queries.
|
| services.hickory-dns.settings.listen_addrs_ipv6 | List of ipv6 addresses on which to listen for DNS queries.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.group | The group of the file
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| services.nextcloud-spreed-signaling.settings.backend.backendtype | Type of backend configuration
|
| services.system76-scheduler.settings.cfsProfiles.default.wakeup-granularity | sched_wakeup_granularity_ns.
|
| services.grafana.provision.alerting.templates.settings.templates.*.template | Alerting with a custom text template
|
| services.grafana.provision.datasources.settings.datasources.*.jsonData | Extra data for datasource plugins.
|
| virtualisation.xen.store.settings.perms.enable | Whether to enable the node permission system.
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.ioClass | IO scheduler class.
|
| services.matrix-tuwunel.settings.global.allow_federation | Whether this server federates with other servers.
|
| services.matrix-conduit.settings.global.allow_federation | Whether this server federates with other servers.
|
| virtualisation.docker.daemon.settings | Configuration for docker daemon
|
| services.dependency-track.settings."alpine.oidc.user.provisioning" | Specifies if mapped OpenID Connect accounts are automatically created upon successful
authentication
|
| services.matrix-tuwunel.settings.global.trusted_servers | Servers listed here will be used to gather public keys of other servers
(notary trusted key servers)
|
| services.headscale.settings.noise.private_key_path | Path to noise private key file, generated automatically if it does not exist.
|
| virtualisation.xen.store.settings.quota.maxEntity | Entity limit for transactions.
|
| virtualisation.xen.store.settings.enableMerge | Whether to enable transaction merge support.
|
| services.nextcloud.settings.mail_smtptimeout | This depends on mail_smtpmode
|
| services.grafana.settings.security.allow_embedding | When false, the HTTP header X-Frame-Options: deny will be set in Grafana HTTP responses
which will instruct browsers to not allow rendering Grafana in a <frame>, <iframe>, <embed> or <object>
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.mode | The file access mode to use when creating this file or directory.
|
| services.filesender.settings.log_facilities | Defines where FileSender logging is sent
|
| services.grafana.provision.datasources.settings.deleteDatasources | List of datasources that should be deleted from the database.
|
| services.grafana.settings.database.client_cert_path | The path to the client cert
|
| services.livekit.ingress.settings.rtc_config.port_range_end | End of UDP port range for WebRTC
|
| services.grafana.settings.security.disable_gravatar | Set to true to disable the use of Gravatar for user profile images.
|
| services.matrix-tuwunel.settings.global.max_request_size | Max request size in bytes
|
| services.matrix-conduit.settings.global.max_request_size | Max request size in bytes
|
| services.snapserver.settings.tcp-control.bind_to_address | Address to listen on for snapclient connections.
|
| services.openssh.settings.KbdInteractiveAuthentication | Specifies whether keyboard-interactive authentication is allowed.
|
| services.biboumi.settings.realname_from_jid | Whether the realname and username of each biboumi
user will be extracted from their JID
|
| services.tlsrpt.reportd.settings.organization_name | Name of the organization sending out the reports.
|
| services.omnom.settings.smtp.connection_timeout | Connection timeout duration in seconds.
|
| security.agnos.settings.accounts.*.certificates | Certificates for agnos to issue or renew.
|
| services.matrix-conduit.settings.global.database_backend | The database backend for the service
|
| services.sftpgo.settings.httpd.bindings.*.enable_web_admin | Enable the built-in web admin for this interface binding.
|
| services.nipap.settings.auth.auth_cache_timeout | Seconds to store cached auth entries for.
|
| hardware.tuxedo-drivers.settings.charging-profile | The maximum charge level to help reduce battery wear:
high_capacity charges to 100% (driver default)balanced charges to 90%stationary charges to 80% (maximum lifespan)
Note: Regardless of the configured charging profile, the operating system will always report the battery as being charged to 100%.
|
| services.nvme-rs.settings.email.smtp_password_file | File containing SMTP password
|
| services.matrix-conduit.settings.global.allow_encryption | Whether new encrypted rooms can be created
|
| services.matrix-tuwunel.settings.global.allow_encryption | Whether new encrypted rooms can be created
|
| services.omnom.settings.smtp.tls_allow_insecure | Whether to enable Whether to allow insecure TLS..
|
| services.grafana.provision.datasources.settings.datasources.*.access | Access mode. proxy or direct (Server or Browser in the UI)
|
| services.grafana.settings.database.server_cert_name | The common name field of the certificate used by the mysql or postgres server
|
| services.grafana.provision.datasources.settings.deleteDatasources.*.orgId | Organization ID of the datasource to delete.
|
| services.headscale.settings.derp.server.private_key_path | Path to derp private key file, generated automatically if it does not exist.
|
| services.grafana.provision.datasources.settings.deleteDatasources.*.name | Name of the datasource to delete.
|
| hardware.tuxedo-drivers.settings.charging-priority | These options manage the trade-off between battery charging and CPU performance when the USB-C power supply cannot provide sufficient power for both simultaneously:
charge_battery prioritizes battery charging (driver default)performance prioritizes maximum CPU performance
|
| services.maubot.settings.plugin_directories | Plugin directory paths
|
| services.searx.limiterSettings | Limiter settings for SearXNG.
|
| services.maubot.configMutable | Whether maubot should write updated config into extraConfigFile. This will make your Nix module settings have no effect besides the initial config, as extraConfigFile takes precedence over NixOS settings!
|
| services.matrix-continuwuity.settings.global.database_path | Path to the continuwuity database, the directory where continuwuity will save its data
|
| services.grafana.settings.security.cookie_samesite | Sets the SameSite cookie attribute and prevents the browser from sending this cookie along with cross-site requests
|
| services.swapspace.settings.buffer_elasticity | Percentage of buffer space considered to be "free"
|
| services.undervolt.useTimer | Whether to set a timer that applies the undervolt settings every 30s
|
| services.headscale.settings.database.sqlite.write_ahead_log | Enable WAL mode for SQLite
|
| services.mpd.settings.playlist_directory | The directory where MPD stores playlists
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| services.maubot.settings.plugin_directories.load | The directories from which plugins should be loaded
|