| security.auditd.plugins.<name>.direction | The option is dictated by the plugin
|
| services.nginx.virtualHosts.<name>.redirectCode | HTTP status used by globalRedirect and forceSSL
|
| services.moodle.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| services.syncthing.settings.folders.<name>.type | Controls how the folder is handled by Syncthing
|
| services.nagios.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| services.fedimintd.<name>.nginx.config.http2 | Whether to enable the HTTP/2 protocol
|
| services.kanboard.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.fediwall.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.agorakit.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.dolibarr.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.librenms.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.agorakit.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.librenms.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.dolibarr.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.kanboard.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.fediwall.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.mainsail.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.pixelfed.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.mainsail.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.pixelfed.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.wyoming.faster-whisper.servers.<name>.beamSize | The number of beams to use in beam search
|
| services.syncthing.settings.folders.<name>.label | The label of the folder.
|
| services.kanata.keyboards.<name>.configFile | The config file
|
| security.acme.certs.<name>.credentialFiles | Environment variables suffixed by "_FILE" to set for the cert's service
for your selected dnsProvider
|
| services.keyd.keyboards.<name>.settings | Configuration, except ids section, that is written to /etc/keyd/.conf
|
| services.bacula-sd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.bacula-fd.director.<name>.tls.caCertificateFile | The path specifying a PEM encoded TLS CA certificate(s)
|
| services.gitlab-runner.services.<name>.dockerPullPolicy | Default pull-policy for Docker images
|
| services.nginx.virtualHosts.<name>.listen.*.proxyProtocol | Enable PROXY protocol.
|
| services.kanidm.provision.persons.<name>.present | Whether to ensure that this person is present or absent.
|
| services.easytier.instances.<name>.configFile | Path to easytier config file
|
| services.ttyd.username | Username for basic http authentication.
|
| services.wordpress.sites.<name>.virtualHost.sslServerCert | Path to server SSL certificate.
|
| services.bacula-sd.autochanger.<name>.devices | |
| services.drupal.sites.<name>.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.wordpress.sites.<name>.virtualHost.servedDirs | This option provides a simple way to serve static directories.
|
| services.firewalld.zones.<name>.egressPriority | Priority for outbound traffic
|
| services.postfix.settings.master.<name>.private | Whether the service's sockets and storage directory is restricted to
be only available via the mail system
|
| services.kmonad.keyboards.<name>.defcfg.compose.delay | The delay (in milliseconds) between compose key sequences.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.id | If this attribute is given with non-zero length, it will set the password identifier
for this entry
|
| services.bookstack.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.vdirsyncer.jobs.<name>.config.storages | vdirsyncer storage configurations
|
| services.syncoid.commands.<name>.localSourceAllow | Permissions granted for the services.syncoid.user user
for local source datasets
|
| services.caddy.virtualHosts.<name>.listenAddresses | A list of host interfaces to bind to for this virtual host.
|
| services.restic.backups.<name>.backupPrepareCommand | A script that must run before starting the backup process.
|
| services.restic.backups.<name>.backupCleanupCommand | A script that must run after finishing the backup process.
|
| services.snipe-it.nginx.serverName | Name of this virtual host
|
| services.keepalived.vrrpScripts.<name>.script | (Path of) Script command to execute followed by args, i.e. cmd [args]...
|
| services.firewalld.services.<name>.sourcePorts.*.port | |
| services.kubernetes.kubelet.taints.<name>.effect | Effect of taint.
|
| services.gitlab-runner.services.<name>.executor | Select executor, eg. shell, docker, etc
|
| systemd.network.networks.<name>.routingPolicyRules | A list of routing policy rules sections to be added to the unit
|
| services.v4l2-relayd.instances.<name>.input.pipeline | The gstreamer-pipeline to use for the input-stream.
|
| services.tarsnap.archives.<name>.followSymlinks | Whether to follow all symlinks in archive trees.
|
| security.pam.services.<name>.enableGnomeKeyring | If enabled, pam_gnome_keyring will attempt to automatically unlock the
user's default Gnome keyring upon login
|
| systemd.paths.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.units.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.frigate.settings.cameras.<name>.ffmpeg.inputs | List of inputs for this camera.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.index | Adds index directive.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.alias | Alias directory for requests.
|
| services.wordpress.sites.<name>.virtualHost.logFormat | Log format for Apache's log files
|
| services.radicle.httpd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.i2pd.outTunnels.<name>.destinationPort | Connect to particular port at destination.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children | CHILD_SA configuration sub-section
|
| services.gerrit.plugins | List of plugins to add to Gerrit
|
| security.acme.certs.<name>.environmentFile | Path to an EnvironmentFile for the cert's service containing any required and
optional environment variables for your selected dnsProvider
|
| services.postfix.masterConfig.<name>.privileged | |
| systemd.user.paths.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.user.units.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPasswordFile | Sets the password for WPA-PSK
|
| services.gitea-actions-runner.instances.<name>.token | Plain token to register at the configured Gitea/Forgejo instance.
|
| services.vdirsyncer.jobs.<name>.forceDiscover | Run yes | vdirsyncer discover prior to vdirsyncer sync
|
| services.inadyn.settings.custom.<name>.password | Password for this DDNS provider
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.policies | Whether to install IPsec policies or not
|
| programs.proxychains.proxies.<name>.enable | Whether to enable this proxy.
|
| services.firewalld.services.<name>.includes | Services to include for the service.
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates.*.name | Name of the template, must be unique
|
| services.wordpress.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.fedimintd.<name>.nginx.config.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| boot.binfmt.registrations.<name>.offset | The byte offset of the magic number used for recognition.
|
| users.users.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| services.openssh.knownHosts.<name>.publicKeyFile | The path to the public key file for the host
|
| services.agorakit.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.fediwall.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.gancio.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.kanboard.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.dolibarr.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.librenms.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.mainsail.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.pixelfed.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| systemd.paths.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| services.bcg.mqtt.username | MQTT server access username.
|
| services.vmalert.instances.<name>.settings | vmalert configuration, passed via command line flags
|
| services.anuko-time-tracker.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.fcgiwrap.instances.<name>.process.group | Group as which this instance of fcgiwrap will be run.
|
| services.fedimintd.<name>.nginx.config.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|