| services.nextcloud.settings.mail_smtpsecure | This depends on mail_smtpmode
|
| services.filebeat.settings.output.elasticsearch.hosts | The list of Elasticsearch nodes to connect to
|
| services.postfix.settings.main.mynetworks_style | The method used for generating the default value for mynetworks, if that option is unset.
https://www.postfix.org/postconf.5.html#mynetworks_style
|
| services.matrix-conduit.settings.global.trusted_servers | Servers trusted with signing server keys.
|
| services.snapserver.settings.tcp.bind_to_address | Address to listen on for snapclient connections.
|
| services.grafana.settings.users.allow_org_create | Set to false to prohibit users from creating new organizations.
|
| services.warpgate.settings.http.sni_certificates | Certificates for additional domains.
|
| services.mbpfan.settings.general.polling_interval | The polling interval.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.user | The user of the file
|
| services.public-inbox.settings.publicinboxmda.spamcheck | If set to spamc, public-inbox-watch(1) will filter spam
using SpamAssassin.
|
| services.hickory-dns.configFile | Path to an existing toml file to configure hickory-dns with
|
| services.matrix-synapse.settings.signing_key_path | Path to the signing key to sign messages with.
|
| services.matrix-synapse.settings.max_image_pixels | Maximum number of pixels that will be thumbnailed
|
| services.matrix-synapse.settings.media_store_path | Directory where uploaded images and attachments are stored.
|
| services.grafana.settings.database.client_key_path | The path to the client key
|
| users.mysql.nss | Settings for libnss-mysql
|
| services.grafana.settings.server.static_root_path | Root path for static assets.
|
| services.snapserver.settings.http.bind_to_address | Address to listen on for snapclient connections.
|
| services.grafana.settings.users.auto_assign_org | Set to true to automatically add new users to the main organization (id 1)
|
| services.tor.settings.VersioningAuthoritativeDirectory | See torrc manual.
|
| services.parsedmarc.settings.general.save_aggregate | Save aggregate report data to Elasticsearch and/or Splunk.
|
| services.swapspace.settings.cache_elasticity | Percentage of cache space considered to be "free"
|
| services.nvme-rs.settings.thresholds.error_threshold | Error count warning threshold
|
| services.jibri.xmppEnvironments.<name>.control.login.domain | The domain part of the JID for this Jibri instance.
|
| services.grafana.settings.security.admin_password | Default admin password
|
| services.grafana.provision.alerting.templates.settings.templates.*.name | Name of the template, must be unique
|
| services.grafana.provision.alerting.contactPoints.settings.deleteContactPoints | List of receivers that should be deleted.
|
| services.system76-scheduler.settings.processScheduler.refreshInterval | Process list poll interval, in seconds
|
| services.warpgate.settings.http.sni_certificates.*.key | Path to private key.
|
| services.matrix-synapse.settings.listeners.*.bind_addresses | IP addresses to bind the listener to.
|
| services.grafana.settings.users.default_language | This setting configures the default UI language, which must be a supported IETF language tag, such as en-US.
|
| services.veilid.settings.core.network.routing_table.bootstrap | Host name of existing well-known Veilid bootstrap servers for the network to connect to.
|
| boot.loader.generic-extlinux-compatible.enable | Whether to generate an extlinux-compatible configuration file
under /boot/extlinux.conf
|
| services.parsedmarc.settings.elasticsearch.password | The password to use when connecting to Elasticsearch,
if required
|
| services.grafana.settings.users.viewers_can_edit | Viewers can access and use Explore and perform temporary edits on panels in dashboards they have access to
|
| virtualisation.xen.store.settings.quota.maxSize | Size limit for transactions.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.group | The group of the file
|
| services.parsedmarc.settings.elasticsearch.cert_path | The path to a TLS certificate bundle used to verify
the server's certificate.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| virtualisation.xen.store.settings.quota.maxPath | Path limit for the quota system.
|
| services.grafana.settings.database.isolation_level | Only the MySQL driver supports isolation levels in Grafana
|
| nix.checkAllErrors | If enabled, checks the nix.conf parsing for any kind of error
|
| services.postgresql.settings.log_line_prefix | A printf-style string that is output at the beginning of each log line
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.enable | Boost Pipewire client priorities.
|
| services.matrix-appservice-irc.settings.ircService.passwordEncryptionKeyPath | Location of the key with which IRC passwords are encrypted
for storage
|
| services.searx.limiterSettings | Limiter settings for SearXNG.
|
| services.kerberos_server.settings.realms.<name>.acl.*.principal | Which principal the rule applies to
|
| services.veilid.settings.core.protected_store.directory | The filesystem directory to store your protected store in.
|
| services.grafana.provision.datasources.settings.datasources | List of datasources to insert/update.
|
| services.hickory-dns.settings.listen_addrs_ipv4 | List of ipv4 addresses on which to listen for DNS queries.
|
| services.hickory-dns.settings.listen_addrs_ipv6 | List of ipv6 addresses on which to listen for DNS queries.
|
| services.grafana.provision.alerting.contactPoints.settings.deleteContactPoints.*.uid | Unique identifier for the receiver
|
| services.headscale.settings.derp.update_frequency | Frequency to update DERP maps.
|
| virtualisation.docker.daemon.settings | Configuration for docker daemon
|
| services.victoriatraces.basicAuthUsername | Basic Auth username used to protect VictoriaTraces instance by authorization
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceNumIntroductionPoints | See torrc manual.
|
| services.grafana.provision.dashboards.settings.providers.*.options.path | Path grafana will watch for dashboards
|
| services.grafana.provision.alerting.contactPoints.settings.deleteContactPoints.*.orgId | Organization ID, default = 1.
|
| services.snapserver.settings.stream.bind_to_address | Address to listen on for snapclient connections.
|
| services.kerberos_server.settings.realms.<name>.acl.*.access | The changes the principal is allowed to make.
The "all" permission does not imply the "get-keys" permission
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates | List of alert rule UIDs that should be deleted.
|
| services.jibri.xmppEnvironments.<name>.control.muc.nickname | The nickname for this Jibri instance in the MUC.
|
| services.prometheus.exporters.ecoflow.prefix | The prefix that will be added to all metrics
|
| services.firezone.server.settingsSecret.RELEASE_COOKIE | A file containing a unique secret identifier for the Erlang
cluster
|
| services.grafana.provision.datasources.settings.datasources.*.url | Url of the datasource.
|
| documentation.man.mandoc.settings.output.style | Path to the file used for an external style-sheet
|
| services.nextcloud.settings.mail_smtptimeout | This depends on mail_smtpmode
|
| services.maubot.configMutable | Whether maubot should write updated config into extraConfigFile. This will make your Nix module settings have no effect besides the initial config, as extraConfigFile takes precedence over NixOS settings!
|
| virtualisation.xen.store.settings.quota.maxWatch | Maximum number of watches by the Xenstore Watchdog.
|
| security.agnos.settings.accounts.*.certificates | Certificates for agnos to issue or renew.
|
| virtualisation.xen.store.settings.enableMerge | Whether to enable transaction merge support.
|
| services.openssh.settings.KbdInteractiveAuthentication | Specifies whether keyboard-interactive authentication is allowed.
|
| services.headscale.settings.database.postgres.password_file | A file containing the password corresponding to
database.user.
|
| services.maubot.settings.plugin_databases.postgres | The connection URL for plugin database
|
| services.grafana.provision.datasources.settings.datasources.*.name | Name of the datasource
|
| services.grafana.provision.datasources.settings.datasources.*.type | Datasource type
|
| services.undervolt.useTimer | Whether to set a timer that applies the undervolt settings every 30s
|
| virtualisation.xen.store.settings.quota.enable | Whether to enable the quota system.
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates.*.orgId | Organization ID, default = 1.
|
| services.matrix-tuwunel.settings.global.allow_federation | Whether this server federates with other servers.
|
| services.matrix-conduit.settings.global.allow_federation | Whether this server federates with other servers.
|
| services.biboumi.settings.realname_from_jid | Whether the realname and username of each biboumi
user will be extracted from their JID
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.mode | The file access mode to use when creating this file or directory.
|
| services.parsedmarc.provision.grafana.dashboard | Whether the official parsedmarc grafana dashboard should
be provisioned to the local grafana instance.
|
| services.system76-scheduler.settings.cfsProfiles.responsive.bandwidth-size | sched_cfs_bandwidth_slice_us.
|
| services.firezone.server.settingsSecret.LIVE_VIEW_SIGNING_SALT | A file containing a unique base64 encoded secret for the
LIVE_VIEW_SIGNING_SALT
|
| services.headscale.settings.noise.private_key_path | Path to noise private key file, generated automatically if it does not exist.
|
| services.filesender.settings.log_facilities | Defines where FileSender logging is sent
|
| virtualisation.xen.store.settings.perms.enable | Whether to enable the node permission system.
|
| documentation.man.mandoc.settings.output.toc | Whether to enable printing a table of contents near the beginning of the HTML output
of mandoc(1) if an input file contains at least two
non-standard sections
.
|
| virtualisation.xen.store.settings.quota.maxEntity | Entity limit for transactions.
|
| services.maubot.settings.plugin_directories | Plugin directory paths
|
| services.nextcloud-spreed-signaling.settings.backend.backendtype | Type of backend configuration
|
| services.grafana.provision.alerting.templates.settings.deleteTemplates.*.name | Name of the template, must be unique
|
| services.grafana.settings.database.client_cert_path | The path to the client cert
|
| services.system76-scheduler.settings.processScheduler.pipewireBoost.profile.nice | Niceness.
|
| services.matrix-tuwunel.settings.global.trusted_servers | Servers listed here will be used to gather public keys of other servers
(notary trusted key servers)
|
| services.grafana.settings.security.disable_gravatar | Set to true to disable the use of Gravatar for user profile images.
|
| services.matrix-tuwunel.settings.global.max_request_size | Max request size in bytes
|
| services.matrix-conduit.settings.global.max_request_size | Max request size in bytes
|