| services.dendrite.settings.client_api.registration_disabled | Whether to disable user registration to the server
without the shared secret.
|
| services.gatus.configFile | Path to the Gatus configuration file
|
| services.kmscon.useXkbConfig | Whether to configure keymap from xserver keyboard settings.
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.grafana.settings.analytics.feedback_links_enabled | Set to false to remove all feedback links from the UI.
|
| services.dendrite.settings.app_service_api.database.connection_string | Database for the Appservice API.
|
| services.dendrite.settings.user_api.device_database.connection_string | Database for the User API, devices.
|
| services.stash.settings.preview_segment_duration | Preview segment duration, in seconds
|
| services.postfix.settings.main.smtp_tls_security_level | The client TLS security level.
Use dane with a local DNSSEC validating DNS resolver enabled.
https://www.postfix.org/postconf.5.html#smtp_tls_security_level
|
| services.h2o.hosts.<name>.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.fediwall.nginx | Allows customizing the nginx virtualHost settings
|
| services.h2o.defaultTLSRecommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.mediagoblin.settings.mediagoblin.email_sender_address | Email address which notices are sent from.
|
| services.cgit.<name>.gitHttpBackend.checkExportOkFiles | Whether git-http-backend should only export repositories that contain a git-daemon-export-ok file
|
| services.chhoto-url.settings.custom_landing_directory | The path of a directory which contains a custom landing page.
|
| services.grafana.settings.security.x_content_type_options | Set to false to disable the X-Content-Type-Options response header
|
| services.chhoto-url.settings.public_mode_expiry_delay | The maximum expiry delay in seconds to force in public mode.
|
| services.agorakit.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.librenms.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.dendrite.settings.user_api.account_database.connection_string | Database for the User API, accounts.
|
| services.artalk.allowModify | allow Artalk store the settings to config file persistently
|
| services.jitsi-meet.config | Client-side web application settings that override the defaults in config.js
|
| services.filesender.settings.storage_filesystem_path | When using storage type filesystem this is the absolute path to the file system where uploaded files are stored until they expire
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.grafana.settings.security.csrf_additional_headers | List of allowed headers to be set by the user
|
| services.pgbouncer.settings.pgbouncer.max_user_connections | Do not allow more than this many server connections per user (regardless of database)
|
| services.postfix.settings.main.smtpd_tls_security_level | The server TLS security level
|
| services.matrix-conduit.settings.global.allow_check_for_updates | Whether to allow Conduit to automatically contact
https://conduit.rs hourly to check for important Conduit news
|
| services.doh-server.settings.ecs_allow_non_global_ip | By default, non global IP addresses are never forwarded to upstream servers
|
| services.matrix-synapse.settings.app_service_config_files | A list of application service config file to use
|
| services.headscale.settings.tls_letsencrypt_hostname | Domain name to request a TLS certificate for.
|
| services.grafana.settings.security.content_security_policy | Set to true to add the Content-Security-Policy header to your requests
|
| services.tuned.settings.default_instance_priority | Default instance (unit) priority.
|
| services.kanidm.unix.settings.kanidm.pam_allowed_login_groups | Kanidm groups that are allowed to login using PAM.
|
| services.tuned.ppdSettings | Settings for TuneD's power-profiles-daemon compatibility service.
|
| security.agnos.settings.accounts.*.certificates.*.fullchain_output_file | Output path for the full chain including the acquired certificate
|
| services.geoclue2.appConfig | Specify extra settings per application.
|
| services.postgresql.settings.shared_preload_libraries | List of libraries to be preloaded.
|
| services.nextcloud.settings.mail_send_plaintext_only | Email will be sent by default with an HTML and a plain text body
|
| services.anuko-time-tracker.nginx | With this option, you can customize the Nginx virtualHost settings.
|
| services.doh-server.configFile | The config file for the doh-server
|
| services.jupyter.user | Name of the user used to run the jupyter service
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.sabnzbd.configFile | Path to config file (deprecated, use settings instead and set this value to null)
|
| fonts.fontconfig.localConf | System-wide customization file contents, has higher priority than
defaultFonts settings.
|
| services.bookstack.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.h2o.hosts | The hosts config to be merged with the settings
|
| services.bluemap.maps | Settings for files in maps/
|
| services.tt-rss.auth.autoLogin | Automatically login user on remote or other kind of externally supplied
authentication, otherwise redirect to login form as normal
|
| services.nsd.zones | Define your zones here
|
| services.newt.blueprint | Blueprint for declarative settings, see Newt Blueprint docs for more information.
|
| boot.isNspawnContainer | Whether the machine is running in an nspawn container
|
| services.matrix-synapse.settings.url_preview_url_blacklist | Optional list of URL matches that the URL preview spider is
denied from accessing.
|
| programs.starship.presets | Presets files to be merged with settings in order.
|
| services.grav.systemSettings | Settings written to user/config/system.yaml.
|
| services.crab-hole.configFile | The config file of crab-hole
|
| services.warpgate.settings.http.trust_x_forwarded_headers | Trust X-Forwarded-* headers
|
| services.deepin.dde-daemon.enable | Whether to enable daemon for handling the deepin session settings.
|
| services.timekpr.adminUsers | All listed users will become part of the timekpr group so they can manage timekpr settings without requiring sudo.
|
| services.buffyboard.settings.quirks.ignore_unused_terminals | If true, buffyboard won't automatically update the layout of a new terminal and
draw the keyboard, if the terminal is not opened by any process
|
| services.grafana.settings.analytics.check_for_plugin_updates | When set to false, disables checking for new versions of installed plugins from https://grafana.com
|
| services.mailman.webSettings | Overrides for the default mailman-web Django settings.
|
| services.longview.apiKey | Longview API key
|
| services.cyrus-imap.imapdSettings | IMAP configuration settings
|
| services.coturn.realm | The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
and the userdb file)
|
| services.cyrus-imap.cyrusSettings | Cyrus configuration settings
|
| services.longview.apiKeyFile | A file containing the Longview API key
|
| services.xandikos.nginx.enable | Configure the nginx reverse proxy settings.
|
| services.stash.settings.video_file_naming_algorithm | Hash algorithm to use for generated file naming
|
| services.bonsaid.configFile | Path to a .json file specifying the state transitions
|
| services.factorio.saveName | The name of the savegame that will be used by the server
|
| services.neo4j.extraServerConfig | Extra configuration for Neo4j Community server
|
| services.matrix-synapse.settings.registration_shared_secret | If set, allows registration by anyone who also has the shared
secret, even if registration is otherwise disabled
|
| services.grafana.settings.security.strict_transport_security | Set to true if you want to enable HTTP Strict-Transport-Security (HSTS) response header
|
| services.journald.rateLimitBurst | Configures the rate limiting burst limit (number of messages per
interval) that is applied to all messages generated on the system
|
| services.graphite.web.extraConfig | Graphite webapp settings
|
| services.akkoma.config | Configuration for Akkoma
|
| services.bluemap.coreSettings | Settings for the core.conf file, see upstream docs.
|
| services.wgautomesh.settings.upnp_forward_external_port | Public port number to try to redirect to this machine's Wireguard
daemon using UPnP IGD.
|
| services.lldap.settings.force_ldap_user_pass_reset | Force reset of the admin password
|
| services.veilid.settings.core.protected_store.allow_insecure_fallback | If we can't use system-provided secure storage, should we proceed anyway?
|
| services.cpupower-gui.enable | Enables dbus/systemd service needed by cpupower-gui
|
| services.matrix-synapse.log | Default configuration for the loggers used by matrix-synapse and its workers
|
| services.mattermost.environmentFile | Environment file (see systemd.exec(5)
"EnvironmentFile=" section for the syntax) which sets config options
for mattermost (see the Mattermost documentation)
|
| services.bitlbee.extraSettings | Will be inserted in the Settings section of the config file.
|
| services.cloudlog.extraConfig | Any additional text to be appended to the config.php
configuration file
|
| hardware.nvidia.nvidiaSettings | Whether to enable nvidia-settings, NVIDIA's GUI configuration tool
.
|
| services.trilium-server.nginx.enable | Configure the nginx reverse proxy settings.
|
| services.nomad.extraSettingsPaths | Additional settings paths used to configure nomad
|
| services.minetest-server.config | Settings to add to the minetest config file
|
| services.sitespeed-io.runs | A list of run configurations
|
| services.matrix-continuwuity.settings.global.allow_announcements_check | If enabled, continuwuity will send a simple GET request periodically to
https://continuwuity.org/.well-known/continuwuity/announcements for any new announcements made.
|
| services.kanidm.serverSettings | Settings for Kanidm, see
the documentation
and example configuration
for possible values.
|
| services.syncthing.configDir | The path where the settings and keys will exist.
|
| services.pgbouncer.settings.pgbouncer.ignore_startup_parameters | By default, PgBouncer allows only parameters it can keep track of in startup packets:
client_encoding, datestyle, timezone and standard_conforming_strings
|
| services.grafana.settings.database.locking_attempt_timeout_sec | For mysql, if the migrationLocking feature toggle is set,
specify the time (in seconds) to wait before failing to lock the database for the migrations.
|
| i18n.inputMethod.fcitx5.plasma6Support | Use qt6 versions of fcitx5 packages
|
| services.davis.database.urlFile | A file containing the database connection url
|
| services.bluemap.webappSettings | Settings for the webapp.conf file, see upstream docs.
|
| services.logstash.extraSettings | Extra Logstash settings in YAML format.
|