| services.gitea-actions-runner.instances.<name>.url | Base URL of your Gitea/Forgejo instance.
|
| services.prosody.virtualHosts.<name>.ssl.extraOptions | Extra SSL configuration options.
|
| services.radicle.httpd.nginx.locations.<name>.root | Root directory for requests.
|
| services.borgbackup.jobs.<name>.dumpCommand | Backup the stdout of this program instead of filesystem paths
|
| systemd.network.networks.<name>.addresses | A list of address sections to be added to the unit
|
| services.fediwall.nginx.locations.<name>.index | Adds index directive.
|
| services.dolibarr.nginx.locations.<name>.alias | Alias directory for requests.
|
| networking.wg-quick.interfaces.<name>.preDown | Command called before the interface is taken down.
|
| services.kanboard.nginx.locations.<name>.alias | Alias directory for requests.
|
| programs.proxychains.proxies.<name>.host | Proxy host or IP address.
|
| programs.xfs_quota.projects.<name>.sizeSoftLimit | Soft limit of the project size
|
| services.librenms.nginx.locations.<name>.index | Adds index directive.
|
| services.agorakit.nginx.locations.<name>.index | Adds index directive.
|
| services.kanboard.nginx.locations.<name>.index | Adds index directive.
|
| services.fediwall.nginx.locations.<name>.alias | Alias directory for requests.
|
| programs.xfs_quota.projects.<name>.sizeHardLimit | Hard limit of the project size.
|
| services.dolibarr.nginx.locations.<name>.index | Adds index directive.
|
| services.librenms.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.agorakit.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.sabnzbd.settings.servers.<name>.enable | Enable this server by default
|
| services.pixelfed.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.pixelfed.nginx.locations.<name>.index | Adds index directive.
|
| services.mainsail.nginx.locations.<name>.index | Adds index directive.
|
| services.mainsail.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.help | A human-readable description of this metric.
|
| security.pam.services.<name>.startSession | If set, the service will register a new session with
systemd's login manager
|
| services.strongswan-swanctl.swanctl.secrets.token.<name>.module | Optional PKCS#11 module name to access the token.
|
| services.bitcoind.<name>.prune | Reduce storage requirements by enabling pruning (deleting) of old
blocks
|
| networking.wg-quick.interfaces.<name>.peers | Peers linked to the interface.
|
| services.authelia.instances.<name>.package | The authelia package to use.
|
| services.mosquitto.bridges.<name>.settings | Additional settings for this bridge.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.aaa_id | Server side EAP-Identity to expect in the EAP method
|
| networking.bonds | This option allows you to define bond devices that aggregate multiple,
underlying networking interfaces together
|
| services.fluidd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.gancio.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.nginx.config.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.firezone.server.provision.accounts.<name>.groups | All groups to provision
|
| services.libinput.touchpad.dev | Path for touchpad device
|
| services.code-server.extensionsDir | Path to the extensions directory.
|
| services.bluesky-pds.pdsadmin.enable | Add pdsadmin script to PATH
|
| services.buildbot-master.masterCfg | Optionally pass master.cfg path
|
| services.forgejo.database.socket | Path to the unix socket file to use for authentication.
|
| services.gokapi.settingsFile | Path to config file to parse and append to settings
|
| services.forgejo.settings.log.ROOT_PATH | Root path for log files.
|
| services.ncps.cache.storage.s3.accessKeyIdPath | The path to a file containing only the access-key-id.
|
| services.shibboleth-sp.configFile | Path to shibboleth config file
|
| services.restic.server.htpasswd-file | The path to the servers .htpasswd file
|
| services.outline.storage.secretKeyFile | File path that contains the S3 secret key.
|
| services.syncplay.passwordFile | Path to the file that contains the server password
|
| services.redmine.database.socket | Path to the unix socket file to use for authentication.
|
| services.lasuite-meet.secretKeyPath | Path to the Django secret key
|
| services.lasuite-docs.secretKeyPath | Path to the Django secret key
|
| services.github-runners.<name>.group | Group under which to run the service
|
| services.tarsnap.archives.<name>.includes | Include only files and directories matching these
patterns (the empty list includes everything)
|
| services.mautrix-meta.instances.<name>.enable | Whether to enable Mautrix-Meta, a Matrix <-> Facebook and Matrix <-> Instagram hybrid puppeting/relaybot bridge.
|
| services.hylafax.modems.<name>.config | Attribute set of values for the given modem
|
| services.wstunnel.clients.<name>.customHeaders | Custom HTTP headers to send during the upgrade request.
|
| systemd.user.services.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| security.pam.services.<name>.ttyAudit.enablePattern | For each user matching one of comma-separated
glob patterns, enable TTY auditing
|
| programs.xfs_quota.projects.<name>.fileSystem | XFS filesystem hosting the xfs_quota project.
|
| services.snapper.configs.<name>.TIMELINE_CREATE | Defines whether hourly snapshots should be created.
|
| systemd.user.services.<name>.environment | Environment variables passed to the service's processes.
|
| services.strongswan-swanctl.swanctl.secrets.private.<name>.file | File name in the private folder for which this passphrase should be used.
|
| services.roundcube.database.dbname | Name of the postgresql database
|
| services.nominatim.database.dbname | Name of the postgresql database.
|
| systemd.user.services.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| networking.bridges.<name>.interfaces | The physical network interfaces connected by the bridge.
|
| services.znc.confOptions.networks.<name>.channels | IRC channels to join.
|
| services.fedimintd.<name>.nginx.config.kTLS | Whether to enable kTLS support
|
| services.dokuwiki.sites.<name>.settings | Structural DokuWiki configuration
|
| services.openssh.knownHosts.<name>.certAuthority | This public key is an SSH certificate authority, rather than an
individual host's key.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.query | The SQL query to run.
|
| services.multipath.devices.*.alias_prefix | The user_friendly_names prefix to use for this device type, instead of the default mpath
|
| openstack.zfs.datasets.<name>.properties | Properties to set on this dataset.
|
| services.postfix.settings.master.<name>.wakeup | Automatically wake up the service after the specified number of
seconds
|
| boot.loader.grub.mirroredBoots.*.devices | The path to the devices which will have the GRUB MBR written
|
| security.pam.makeHomeDir.skelDirectory | Path to skeleton directory whose contents are copied to home
directories newly created by pam_mkhomedir.
|
| services.hebbot.templates.report | A path to the Markdown file for the report template.
|
| programs.sway.package | The sway package to use
|
| services.dnsproxy.settings | Contents of the config.yaml config file
|
| services.cockroachdb.certsDir | The path to the certificate directory.
|
| services.thanos.query.web.route-prefix | Prefix for API and UI endpoints
|
| services.pleroma.secretConfigFile | Path to the file containing your secret pleroma configuration.
DO NOT POINT THIS OPTION TO THE NIX
STORE, the store being world-readable, it'll
compromise all your secrets.
|
| services.misskey.redis.passwordFile | The path to a file containing the Redis password
|
| services.plausible.server.baseUrl | Public URL where plausible is available
|
| services.thinkfan.fans | List of fans thinkfan will control.
This section slightly departs from the thinkfan.conf syntax
|
| services.nagios.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.moodle.virtualHost.sslServerChain | Path to server SSL chain file.
|
| services.xserver.synaptics.dev | Path for touchpad device
|
| services.fluidd.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.gancio.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.akkoma.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.fedimintd.<name>.nginx.config.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.nntp-proxy.users.<name>.maxConnections | Maximum number of concurrent connections to the proxy for this user
|
| services.matomo.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.monica.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.logrotate.settings.<name>.global | Whether this setting is a global option or not: set to have these
settings apply to all files settings with a higher priority.
|