| services.tuned.ppdSettings | Settings for TuneD's power-profiles-daemon compatibility service.
|
| services.rmfakecloud.extraSettings | Extra settings in the form of a set of key-value pairs
|
| security.auditd.settings.admin_space_left | This is a numeric value in mebibytes (MiB) that tells the audit daemon when to perform a configurable action because the system is running
low on disk space
|
| services.biboumi.settings.realname_customization | Whether the users will be able to use
the ad-hoc commands that lets them configure
their realname and username.
|
| programs.openvpn3.log-service.settings.log_dbus_details | Add D-Bus details in log file/syslog
|
| services.doh-server.configFile | The config file for the doh-server
|
| services.dendrite.settings.federation_api.database.connection_string | Database for the Federation API.
|
| services.veilid.settings.core.network.detect_address_changes | Should veilid-core detect and notify on network address changes?
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.crab-hole.configFile | The config file of crab-hole
|
| services.cgit.<name>.gitHttpBackend.checkExportOkFiles | Whether git-http-backend should only export repositories that contain a git-daemon-export-ok file
|
| programs.rush.global | The global statement defines global settings.
|
| services.anuko-time-tracker.nginx | With this option, you can customize the Nginx virtualHost settings.
|
| services.sabnzbd.configFile | Path to config file (deprecated, use settings instead and set this value to null)
|
| services.sourcehut.settings."hg.sr.ht".clone_bundle_threshold | .hg/store size (in MB) past which the nightly job generates clone bundles.
|
| services.coturn.realm | The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
and the userdb file)
|
| services.deepin.dde-daemon.enable | Whether to enable daemon for handling the deepin session settings.
|
| services.nextcloud.settings.mail_smtpstreamoptions | This depends on mail_smtpmode
|
| services.newt.blueprint | Blueprint for declarative settings, see Newt Blueprint docs for more information.
|
| services.nezha-agent.settings.disable_command_execute | Disable executing the command from dashboard.
|
| services.headscale.settings.tls_letsencrypt_listen | When HTTP-01 challenge is chosen, letsencrypt must set up a
verification endpoint, and it will be listening on:
:http = port 80.
|
| services.dendrite.settings.app_service_api.database.connection_string | Database for the Appservice API.
|
| services.dendrite.settings.user_api.device_database.connection_string | Database for the User API, devices.
|
| services.dendrite.settings.client_api.registration_disabled | Whether to disable user registration to the server
without the shared secret.
|
| services.h2o.hosts.<name>.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.bookstack.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.timekpr.adminUsers | All listed users will become part of the timekpr group so they can manage timekpr settings without requiring sudo.
|
| services.longview.apiKey | Longview API key
|
| services.grafana.settings.analytics.feedback_links_enabled | Set to false to remove all feedback links from the UI.
|
| services.geoclue2.appConfig | Specify extra settings per application.
|
| security.agnos.settings.accounts.*.private_key_path | Path of the PEM-encoded private key for this account
|
| services.grav.systemSettings | Settings written to user/config/system.yaml.
|
| services.postfix.settings.main.smtp_tls_security_level | The client TLS security level.
Use dane with a local DNSSEC validating DNS resolver enabled.
https://www.postfix.org/postconf.5.html#smtp_tls_security_level
|
| services.akkoma.config | Configuration for Akkoma
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.xandikos.nginx.enable | Configure the nginx reverse proxy settings.
|
| services.mediagoblin.settings.mediagoblin.email_sender_address | Email address which notices are sent from.
|
| services.longview.apiKeyFile | A file containing the Longview API key
|
| services.grafana.settings.security.x_content_type_options | Set to false to disable the X-Content-Type-Options response header
|
| services.h2o.defaultTLSRecommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.dendrite.settings.user_api.account_database.connection_string | Database for the User API, accounts.
|
| services.stash.settings.preview_segment_duration | Preview segment duration, in seconds
|
| services.factorio.saveName | The name of the savegame that will be used by the server
|
| services.bonsaid.configFile | Path to a .json file specifying the state transitions
|
| services.pgbouncer.settings.pgbouncer.max_user_connections | Do not allow more than this many server connections per user (regardless of database)
|
| services.mailman.webSettings | Overrides for the default mailman-web Django settings.
|
| services.graphite.web.extraConfig | Graphite webapp settings
|
| virtualisation.xen.store.settings.conflict.rateLimitIsAggregate | If the conflict.rateLimitIsAggregate option is true, then after each
tick one point of conflict-credit is given to just one domain: the
one at the front of the queue
|
| services.chhoto-url.settings.custom_landing_directory | The path of a directory which contains a custom landing page.
|
| services.matrix-synapse.log | Default configuration for the loggers used by matrix-synapse and its workers
|
| services.neo4j.extraServerConfig | Extra configuration for Neo4j Community server
|
| services.chhoto-url.settings.public_mode_expiry_delay | The maximum expiry delay in seconds to force in public mode.
|
| services.cyrus-imap.imapdSettings | IMAP configuration settings
|
| services.cyrus-imap.cyrusSettings | Cyrus configuration settings
|
| services.grafana.settings.security.csrf_additional_headers | List of allowed headers to be set by the user
|
| services.kanidm.unix.settings.kanidm.pam_allowed_login_groups | Kanidm groups that are allowed to login using PAM.
|
| services.matrix-conduit.settings.global.allow_check_for_updates | Whether to allow Conduit to automatically contact
https://conduit.rs hourly to check for important Conduit news
|
| services.postfix.settings.main.smtpd_tls_security_level | The server TLS security level
|
| services.cpupower-gui.enable | Enables dbus/systemd service needed by cpupower-gui
|
| services.grafana.settings.security.content_security_policy | Set to true to add the Content-Security-Policy header to your requests
|
| services.journald.rateLimitBurst | Configures the rate limiting burst limit (number of messages per
interval) that is applied to all messages generated on the system
|
| services.filesender.settings.storage_filesystem_path | When using storage type filesystem this is the absolute path to the file system where uploaded files are stored until they expire
|
| services.doh-server.settings.ecs_allow_non_global_ip | By default, non global IP addresses are never forwarded to upstream servers
|
| services.davis.database.urlFile | A file containing the database connection url
|
| services.bluemap.coreSettings | Settings for the core.conf file, see upstream docs.
|
| services.trilium-server.nginx.enable | Configure the nginx reverse proxy settings.
|
| services.matrix-synapse.settings.app_service_config_files | A list of application service config file to use
|
| services.sitespeed-io.runs | A list of run configurations
|
| services.hardware.lcd.server.usbGroup | The group to use for settings permissions
|
| services.headscale.settings.tls_letsencrypt_hostname | Domain name to request a TLS certificate for.
|
| services.tuned.settings.default_instance_priority | Default instance (unit) priority.
|
| services.radicale.rights | Configuration for Radicale's rights file
|
| services.cloudlog.extraConfig | Any additional text to be appended to the config.php
configuration file
|
| services.bitlbee.extraSettings | Will be inserted in the Settings section of the config file.
|
| security.agnos.settings.accounts.*.certificates.*.key_output_file | Output path for the certificate private key
|
| services.hardware.bolt.enable | Whether to enable Bolt, a userspace daemon to enable
security levels for Thunderbolt 3 on GNU/Linux
|
| services.nomad.extraSettingsPaths | Additional settings paths used to configure nomad
|
| services.freshrss.api.enable | Whether to enable API access for mobile apps and third-party clients (Google Reader API and Fever API)
|
| services.nextcloud.settings.mail_send_plaintext_only | Email will be sent by default with an HTML and a plain text body
|
| programs.clash-verge.tunMode | Whether to enable Setcap for TUN Mode
|
| services.postgresql.settings.shared_preload_libraries | List of libraries to be preloaded.
|
| services.minetest-server.config | Settings to add to the minetest config file
|
| services.syncthing.configDir | The path where the settings and keys will exist.
|
| services.kanidm.serverSettings | Settings for Kanidm, see
the documentation
and example configuration
for possible values.
|
| services.snipe-it.config | Snipe-IT configuration options to set in the
.env file
|
| services.warpgate.settings.http.trust_x_forwarded_headers | Trust X-Forwarded-* headers
|
| services.matrix-synapse.settings.url_preview_url_blacklist | Optional list of URL matches that the URL preview spider is
denied from accessing.
|
| services.portunus.seedSettings | Seed settings for users and groups
|
| services.bluemap.webappSettings | Settings for the webapp.conf file, see upstream docs.
|
| services.buffyboard.settings.quirks.ignore_unused_terminals | If true, buffyboard won't automatically update the layout of a new terminal and
draw the keyboard, if the terminal is not opened by any process
|
| services.logstash.extraSettings | Extra Logstash settings in YAML format.
|
| services.grafana.settings.analytics.check_for_plugin_updates | When set to false, disables checking for new versions of installed plugins from https://grafana.com
|
| services.mediawiki.extraConfig | Any additional text to be appended to MediaWiki's
LocalSettings.php configuration file
|
| services.apcupsd.configText | Contents of the runtime configuration file, apcupsd.conf
|
| services.github-runners.<name>.user | User under which to run the service
|
| services.mattermost.environmentFile | Environment file (see systemd.exec(5)
"EnvironmentFile=" section for the syntax) which sets config options
for mattermost (see the Mattermost documentation)
|
| services.grafana.settings.security.strict_transport_security | Set to true if you want to enable HTTP Strict-Transport-Security (HSTS) response header
|
| services.btrbk.extraPackages | Extra packages for btrbk, like compression utilities for stream_compress.
Note: This option will get deprecated in future releases
|
| services.veilid.settings.core.protected_store.allow_insecure_fallback | If we can't use system-provided secure storage, should we proceed anyway?
|