| services.dependency-track.database.type | h2 database is not recommended for a production setup.
postgresql this settings it recommended for production setups.
manual the module doesn't handle database settings.
|
| services.agorakit.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.librenms.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.coturn.realm | The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
and the userdb file)
|
| services.artalk.allowModify | allow Artalk store the settings to config file persistently
|
| services.xandikos.nginx.enable | Configure the nginx reverse proxy settings.
|
| services.crab-hole.configFile | The config file of crab-hole
|
| services.veilid.settings.core.protected_store.always_use_insecure_storage | Should we bypass any attempt to use system-provided secure storage?
|
| services.davis.database.urlFile | A file containing the database connection url
|
| services.doh-server.configFile | The config file for the doh-server
|
| services.tuned.ppdSettings | Settings for TuneD's power-profiles-daemon compatibility service.
|
| services.graphite.web.extraConfig | Graphite webapp settings
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.stash.settings.create_image_clip_from_videos | Create Image Clips from Video extensions when Videos are disabled in Library
|
| services.akkoma.config | Configuration for Akkoma
|
| services.freshrss.api.enable | Whether to enable API access for mobile apps and third-party clients (Google Reader API and Fever API)
|
| services.invidious.extraSettingsFile | A file including Invidious settings
|
| services.sabnzbd.configFile | Path to config file (deprecated, use settings instead and set this value to null)
|
| services.hardware.bolt.enable | Whether to enable Bolt, a userspace daemon to enable
security levels for Thunderbolt 3 on GNU/Linux
|
| services.longview.apiKey | Longview API key
|
| services.jellyfin.forceEncodingConfig | Whether to overwrite Jellyfin's encoding.xml configuration file on each service start
|
| services.anuko-time-tracker.nginx | With this option, you can customize the Nginx virtualHost settings.
|
| services.trilium-server.nginx.enable | Configure the nginx reverse proxy settings.
|
| services.timekpr.adminUsers | All listed users will become part of the timekpr group so they can manage timekpr settings without requiring sudo.
|
| fonts.fontconfig.localConf | System-wide customization file contents, has higher priority than
defaultFonts settings.
|
| services.newt.blueprint | Blueprint for declarative settings, see Newt Blueprint docs for more information.
|
| services.dendrite.settings.global.trusted_third_party_id_servers | Lists of domains that the server will trust as identity
servers to verify third party identifiers such as phone
numbers and email addresses
|
| services.grafana.settings.security.disable_initial_admin_creation | Disable creation of admin user on first start of Grafana.
|
| services.longview.apiKeyFile | A file containing the Longview API key
|
| services.bookstack.nginx | With this option, you can customize the nginx virtualHost settings.
|
| services.factorio.saveName | The name of the savegame that will be used by the server
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.bonsaid.configFile | Path to a .json file specifying the state transitions
|
| services.grav.systemSettings | Settings written to user/config/system.yaml.
|
| services.dnscrypt-proxy2.configFile | Path to TOML config file
|
| services.cgit.<name>.gitHttpBackend.checkExportOkFiles | Whether git-http-backend should only export repositories that contain a git-daemon-export-ok file
|
| services.snipe-it.config | Snipe-IT configuration options to set in the
.env file
|
| services.matrix-synapse.settings.url_preview_ip_range_blacklist | List of IP address CIDR ranges that the URL preview spider is denied
from accessing.
|
| services.matrix-synapse.settings.url_preview_ip_range_whitelist | List of IP address CIDR ranges that the URL preview spider is allowed
to access even if they are specified in url_preview_ip_range_blacklist.
|
| services.neo4j.extraServerConfig | Extra configuration for Neo4j Community server
|
| services.headscale.settings.tls_letsencrypt_challenge_type | Type of ACME challenge to use, currently supported types:
HTTP-01 or TLS-ALPN-01.
|
| services.h2o.hosts.<name>.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.rmfakecloud.extraSettings | Extra settings in the form of a set of key-value pairs
|
| services.cpupower-gui.enable | Enables dbus/systemd service needed by cpupower-gui
|
| services.mailman.webSettings | Overrides for the default mailman-web Django settings.
|
| services.cyrus-imap.imapdSettings | IMAP configuration settings
|
| services.cyrus-imap.cyrusSettings | Cyrus configuration settings
|
| services.sitespeed-io.runs | A list of run configurations
|
| services.radicale.rights | Configuration for Radicale's rights file
|
| services.journald.rateLimitBurst | Configures the rate limiting burst limit (number of messages per
interval) that is applied to all messages generated on the system
|
| services.akkoma.initDb.enable | Whether to automatically initialise the database on startup
|
| services.bluemap.coreSettings | Settings for the core.conf file, see upstream docs.
|
| services.maubot.settings.plugin_databases.postgres_max_conns_per_plugin | Maximum number of connections per plugin instance.
|
| services.stash.settings.show_one_time_moved_notification | Whether a small notification to inform the user that Stash will no longer show a terminal window, and instead will be available in the tray
|
| services.cloudlog.extraConfig | Any additional text to be appended to the config.php
configuration file
|
| services.grafana.settings.users.user_invite_max_lifetime_duration | The duration in time a user invitation remains valid before expiring
|
| services.oink.domains | List of attribute sets containing configuration for each domain
|
| services.nomad.extraSettingsPaths | Additional settings paths used to configure nomad
|
| services.monica.config | monica configuration options to set in the
.env file
|
| services.grafana.settings.security.strict_transport_security_preload | Set to true to enable HSTS preloading option
|
| services.bitlbee.extraSettings | Will be inserted in the Settings section of the config file.
|
| hardware.nvidia.nvidiaSettings | Whether to enable nvidia-settings, NVIDIA's GUI configuration tool
.
|
| services.apcupsd.configText | Contents of the runtime configuration file, apcupsd.conf
|
| services.syncthing.configDir | The path where the settings and keys will exist.
|
| services.libvirtd.autoSnapshot.vms | If specified only the list of VMs will be snapshotted else all existing one
|
| services.minetest-server.config | Settings to add to the minetest config file
|
| services.kanidm.serverSettings | Settings for Kanidm, see
the documentation
and example configuration
for possible values.
|
| i18n.inputMethod.fcitx5.plasma6Support | Use qt6 versions of fcitx5 packages
|
| users.users.<name>.linger | Whether to enable or disable lingering for this user
|
| boot.isNspawnContainer | Whether the machine is running in an nspawn container
|
| services.btrbk.extraPackages | Extra packages for btrbk, like compression utilities for stream_compress.
Note: This option will get deprecated in future releases
|
| services.portunus.seedSettings | Seed settings for users and groups
|
| services.headscale.settings.ephemeral_node_inactivity_timeout | Time before an inactive ephemeral node is deleted.
|
| services.bluemap.webappSettings | Settings for the webapp.conf file, see upstream docs.
|
| services.mediawiki.extraConfig | Any additional text to be appended to MediaWiki's
LocalSettings.php configuration file
|
| services.h2o.defaultTLSRecommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.logstash.extraSettings | Extra Logstash settings in YAML format.
|
| services.gitlab-runner.configFile | Configuration file for gitlab-runner.
configFile takes precedence over services.
checkInterval and concurrent will be ignored too
|
| services.geoclue2.appConfig | Specify extra settings per application.
|
| services.mailman.enablePostfix | Enable Postfix integration
|
| services.grafana.settings.security.content_security_policy_report_only | Set to true to add the Content-Security-Policy-Report-Only header to your requests
|
| services.clamav.clamonacc.enable | Whether to enable ClamAV on-access scanner
|
| services.olivetin.extraConfigFiles | Config files to merge into the settings defined in services.olivetin.settings
|
| services.stash.settings.dangerous_allow_public_without_auth | Learn more at https://docs.stashapp.cc/networking/authentication-required-when-accessing-stash-from-the-internet/
|
| services.grafana.settings.security.disable_brute_force_login_protection | Set to true to disable brute force login protection.
|
| services.grafana.settings.security.strict_transport_security_subdomains | Set to true to enable HSTS includeSubDomains option
|
| services.openldap.mutableConfig | Whether to allow writable on-line configuration
|
| services.xserver.displayManager.sx.enable | Whether to enable the "sx" pseudo-display manager, which allows users
to start manually via the "sx" command from a vt shell
|
| services.tinc.networks.<name>.extraConfig | Extra lines to add to the tinc service configuration file
|
| services.pfix-srsd.configurePostfix | Whether to configure the required settings to use pfix-srsd in the local Postfix instance.
|
| services.jitsi-meet.interfaceConfig | Client-side web-app interface settings that override the defaults in interface_config.js
|
| services.yarr.environmentFile | Environment file for specifying additional settings such as secrets
|
| services.yggdrasil.configFile | A file which contains JSON or HJSON configuration for yggdrasil
|
| services.agorakit.config | Agorakit configuration options to set in the
.env file
|
| users.extraUsers.<name>.linger | Whether to enable or disable lingering for this user
|
| environment.wvdial.pppDefaults | Default ppp settings for wvdial.
|
| services.schleuder.listDefaults | Default settings for lists (list-defaults.yml)
|
| services.foundationdb.tls | FoundationDB Transport Security Layer (TLS) settings.
|
| services.librespeed.secrets | Attribute set of filesystem paths
|