| services.fedimintd.<name>.api_iroh.openFirewall | Opens UDP port in firewall for fedimintd's API Iroh endpoint
|
| services.kubernetes.apiserverAddress | Clusterwide accessible address for the kubernetes apiserver,
including protocol and optional port.
|
| boot.initrd.luks.mitigateDMAAttacks | Unless enabled, encryption keys can be easily recovered by an attacker with physical
access to any machine with PCMCIA, ExpressCard, ThunderBolt or FireWire port
|
| networking.networkmanager.ensureProfiles.profiles | Declaratively define NetworkManager profiles
|
| services.foundationdb.publicAddress | Publicly visible IP address of the process
|
| services.foundationdb.listenAddress | Publicly visible IP address of the process
|
| virtualisation.forwardPorts.*.from | Controls the direction in which the ports are mapped:
"host" means traffic from the host ports
is forwarded to the given guest port."guest" means traffic from the guest ports
is forwarded to the given host port.
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| services.shibboleth-sp.fastcgi.shibAuthorizerPort | Port for shibauthorizer FastCGI process to bind to
|
| services.autossh.sessions.*.monitoringPort | Port to be used by AutoSSH for peer monitoring
|
| services.prometheus.exporters.unpoller.controllers.*.save_anomalies | Collect and save data from UniFi anomalies to influxdb and Loki.
|
| services.matrix-synapse.workers | Options for configuring workers
|
| services.multipath.devices.*.fast_io_fail_tmo | Specify the number of seconds the SCSI layer will wait after a problem has been
detected on a FC remote port before failing I/O to devices on that remote port
|
| services.kubernetes.controllerManager.securePort | Kubernetes controller manager secure listening port.
|
| services.blockbook-frontend.<name>.internal | Internal http server binding [address]:port.
|
| programs.localsend.openFirewall | Whether to enable opening the firewall port 53317 for receiving files.
|
| services.librenms.distributedPoller.memcachedPort | Port of the memcached server.
|
| services.librenms.distributedPoller.rrdcachedPort | Port of the memcached server.
|
| nix.firewall.allowPrivateNetworks | Whether to allow traffic to local networks
|
| services.taskchampion-sync-server.openFirewall | Whether to enable Open firewall port for taskchampion-sync-server.
|
| services.static-web-server.configuration | Configuration for Static Web Server
|
| networking.jool.siit | Definitions of SIIT instances of Jool
|
| programs.kdeconnect.enable | Whether to enable kdeconnect
|
| networking.vswitches.<name>.supportedOpenFlowVersions | Supported versions to enable on this switch.
|
| services.prometheus.alertmanager.openFirewall | Open port in firewall for incoming connections.
|
| services.armagetronad.servers.<name>.openFirewall | Set to true to open the configured UDP port for Armagetron Advanced.
|
| networking.jool.nat64 | Definitions of NAT64 instances of Jool
|
| networking.rxe.interfaces | Enable RDMA on the listed interfaces
|
| services.changedetection-io.chromePort | A free port on which webDriverSupport or playwrightSupport listen on localhost.
|
| services.headscale.settings.tls_letsencrypt_listen | When HTTP-01 challenge is chosen, letsencrypt must set up a
verification endpoint, and it will be listening on:
:http = port 80.
|
| services.grafana.settings.security.strict_transport_security_preload | Set to true to enable HSTS preloading option
|
| services.prometheus.alertmanagerGotify.openFirewall | Opens the bridge port in the firewall.
|
| services.redsocks.redsocks.*.redirectCondition | Conditions to make outbound packets go through this redsocks
instance
|
| services.kanidm.serverSettings.ldapbindaddress | Address and port the LDAP server is bound to
|
| services.grafana.settings.security.content_security_policy_report_only | Set to true to add the Content-Security-Policy-Report-Only header to your requests
|
| services.multipath.devices.*.dev_loss_tmo | Specify the number of seconds the SCSI layer will wait after a problem has
been detected on a FC remote port before removing it from the system
|
| services.grafana.settings.security.strict_transport_security_subdomains | Set to true to enable HSTS includeSubDomains option
|
| networking.wg-quick.interfaces.<name>.listenPort | 16-bit port for listening
|
| security.agnos.temporarilyOpenFirewall | When true, will open the port specified in settings.dns_listen_addr
before running the agnos service, and close it when agnos finishes running.
|
| services.strongswan-swanctl.swanctl.connections.<name>.mobike | Enables MOBIKE on IKEv2 connections
|
| services.grafana.settings.security.strict_transport_security_max_age_seconds | Sets how long a browser should cache HSTS in seconds
|
| containers.<name>.forwardPorts.*.hostPort | Source port of the external interface on host
|
| networking.resolvconf.dnsSingleRequest | Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA)
address queries at the same time, from the same port
|
| networking.wireguard.interfaces.<name>.listenPort | 16-bit port for listening
|
| virtualisation.podman.networkSocket.openFirewall | Whether to open the port in the firewall.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.path | Unix domain socket path to bind this listener to.
|
| networking.sits.<name>.encapsulation.sourcePort | Source port when using UDP encapsulation
|
| containers.<name>.forwardPorts | List of forwarded ports from host to container
|
| services.borgmatic.configurations.<name>.repositories | A required list of local or remote repositories with paths and
optional labels (which can be used with the --repository flag to
select a repository)
|
| containers.<name>.forwardPorts.*.protocol | The protocol specifier for port forwarding between host and container
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.hostPort | Source port of the external interface on host
|
| containers.<name>.privateNetwork | Whether to give the container its own private virtual
Ethernet interface
|
| containers.<name>.forwardPorts.*.containerPort | Target port of container
|
| containers.<name>.extraVeths.<name>.forwardPorts | List of forwarded ports from host to container
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.protocol | The protocol specifier for port forwarding between host and container
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.containerPort | Target port of container
|