| services.influxdb2.provision.organizations.<name>.auths.<name>.readPermissions | The read permissions to include for this token
|
| services.jirafeau.nginxConfig.serverName | Name of this virtual host
|
| services.beesd.filesystems.<name>.hashTableSizeMB | Hash table size in MB; must be a multiple of 16
|
| services.strongswan-swanctl.swanctl.secrets.eap.<name>.id | Identity the EAP/XAuth secret belongs to
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.zabbixWeb.httpd.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| networking.jool.siit.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| services.borgbackup.repos.<name>.authorizedKeys | Public SSH keys that are given full write access to this repository
|
| services.k3s.autoDeployCharts.<name>.extraFieldDefinitions | Extra HelmChart field definitions that are merged with the rest of the HelmChart
custom resource
|
| services.kanidm.provision.systems.oauth2.<name>.basicSecretFile | The basic secret to use for this service
|
| networking.wg-quick.interfaces.<name>.dns | The IP addresses of DNS servers to configure.
|
| services.botamusique.settings.bot.username | Name the bot should appear with.
|
| services.postfix.hostname | Hostname to use
|
| services.kmonad.keyboards.<name>.defcfg.fallthrough | Whether to enable re-emitting unhandled key events.
|
| services.armagetronad.servers.<name>.openFirewall | Set to true to open the configured UDP port for Armagetron Advanced.
|
| services.mediawiki.httpd.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| services.radicle.ci.adapters.native.instances.<name>.package | The radicle-native-ci package to use.
|
| services.cloudflared.tunnels.<name>.originRequest.caPool | Path to the certificate authority (CA) for the certificate of your origin
|
| services.system76-scheduler.assignments.<name>.ioPrio | IO scheduler priority.
|
| services.hostapd.radios.<name>.wifi5.capabilities | VHT (Very High Throughput) capabilities given as a list of flags
|
| services.strongswan-swanctl.swanctl.secrets.ike.<name>.id | IKE identity the IKE preshared secret belongs to
|
| services.printing.cups-pdf.instances.<name>.settings | Settings for a cups-pdf instance, see the descriptions in the template config file in the cups-pdf package
|
| services.pantalaimon-headless.instances.<name>.ssl | Whether or not SSL verification should be enabled for outgoing
connections to the homeserver.
|
| services.bookstack.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.rke2.autoDeployCharts.<name>.extraFieldDefinitions | Extra HelmChart field definitions that are merged with the rest of the HelmChart
custom resource
|
| services.strongswan-swanctl.swanctl.secrets.ntlm.<name>.id | Identity the NTLM secret belongs to
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.writePermissions | The read permissions to include for this token
|
| services.simplesamlphp.<name>.configureNginx | Configure nginx as a reverse proxy for SimpleSAMLphp.
|
| services.authelia.instances.<name>.settings.server.address | The address to listen on.
|
| services.outline.smtp.username | Username to authenticate with.
|
| networking.wg-quick.interfaces.<name>.preUp | Commands called at the start of the interface setup.
|
| services.frigate.hostname | Hostname of the nginx vhost to configure
|
| services.strongswan-swanctl.swanctl.secrets.rsa.<name>.secret | Value of decryption passphrase for RSA key.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rekey_bytes | Number of bytes processed before initiating CHILD_SA rekeying
|
| services.tor.relay.onionServices.<name>.authorizedClients | Authorized clients for a v3 onion service,
as a list of public key, in the format:
descriptor:x25519:<base32-public-key>
See torrc manual.
|
| services.mpdscribble.endpoints.<name>.passwordFile | File containing the password, either as MD5SUM or cleartext.
|
| services.sabnzbd.settings.servers.<name>.connections | Number of parallel connections permitted by
the server.
|
| programs.proxychains.proxies.<name>.port | Proxy port
|
| programs.proxychains.proxies.<name>.type | Proxy type.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.close_action | Action to perform after a CHILD_SA gets closed by the peer.
- The default of
none does not take any action,
trap installs a trap policy for the CHILD_SA.start tries to re-create the CHILD_SA.
close_action does not provide any guarantee that the
CHILD_SA is kept alive
|
| services.limesurvey.nginx.virtualHost.locations.<name>.alias | Alias directory for requests.
|
| services.limesurvey.nginx.virtualHost.locations.<name>.index | Adds index directive.
|
| boot.specialFileSystems.<name>.options | Options used to mount the file system
|
| boot.specialFileSystems.<name>.depends | List of paths that should be mounted before this one
|
| services.borgbackup.jobs.<name>.encryption.passCommand | A command which prints the passphrase to stdout
|
| services.angrr.settings.profile-policies.<name>.keep-current-system | Whether to keep the current system generation
|
| services.authelia.instances.<name>.secrets.sessionSecretFile | Path to your session secret
|
| services.shorewall6.configs | This option defines the Shorewall configs
|
| boot.initrd.luks.devices.<name>.tryEmptyPassphrase | If keyFile fails then try an empty passphrase first before
prompting for password.
|
| services.sftpgo.user | User account name under which SFTPGo runs.
|
| services.wstunnel.clients.<name>.tlsVerifyCertificate | Whether to verify the TLS certificate of the server
|
| services.wordpress.sites.<name>.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| services.system76-scheduler.assignments.<name>.class | CPU scheduler class.
|
| services.zabbixWeb.nginx.virtualHost.serverName | Name of this virtual host
|
| services.postgresqlWalReceiver.receivers.<name>.extraArgs | A list of extra arguments to pass to the pg_receivewal command.
|
| services.namecoind.wallet | Wallet file
|
| networking.wlanInterfaces.<name>.fourAddr | Whether to enable 4-address mode with type managed.
|
| services.neo4j.ssl.policies.<name>.allowKeyGeneration | Allows the generation of a private key and associated self-signed
certificate
|
| services.r53-ddns.domain | The name of your domain in Route53
|
| networking.supplicant.<name>.extraCmdArgs | Command line arguments to add when executing wpa_supplicant.
|
| services.ytdl-sub.instances.<name>.subscriptions | Subscriptions for ytdl-sub
|
| networking.macvlans.<name>.interface | The interface the macvlan will transmit packets through.
|
| networking.wg-quick.interfaces.<name>.postUp | Commands called after the interface setup.
|
| services.armagetronad.servers.<name>.settings | Armagetron Advanced server rules configuration
|
| networking.vswitches.<name>.openFlowRules | OpenFlow rules to insert into the Open vSwitch
|
| services.librenms.hostname | The hostname to serve LibreNMS on.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.set_mark_in | Netfilter mark applied to packets after the inbound IPsec SA processed
them
|
| services.system76-scheduler.assignments.<name>.ioClass | IO scheduler class.
|
| services.limesurvey.httpd.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.limesurvey.httpd.virtualHost.locations.<name>.alias | Alias directory for requests
|
| services.syncthing.settings.devices.<name>.autoAcceptFolders | Automatically create or share folders that this device advertises at the default path
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.filters.*.name | Name of the filter
|
| networking.jool.nat64.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| services.evremap.settings.phys | The physical device name to listen on
|
| services.sabnzbd.settings.servers.<name>.ssl_verify | Level of TLS verification
|
| networking.wg-quick.interfaces.<name>.type | The type of the interface
|
| boot.binfmt.registrations.<name>.mask | A mask to be ANDed with the byte sequence of the file before matching
|
| services.limesurvey.nginx.virtualHost.locations.<name>.tryFiles | Adds try_files directive.
|
| services.wyoming.faster-whisper.servers.<name>.initialPrompt | Optional text to provide as a prompt for the first window
|
| services.printing.cups-pdf.instances.<name>.installPrinter | Whether to enable a CUPS printer queue for this instance
|
| services.archisteamfarm.bots.<name>.settings | Additional settings that are documented here.
|
| networking.wg-quick.interfaces.<name>.preDown | Command called before the interface is taken down.
|
| programs.proxychains.proxies.<name>.host | Proxy host or IP address.
|
| programs.xfs_quota.projects.<name>.sizeSoftLimit | Soft limit of the project size
|
| programs.xfs_quota.projects.<name>.sizeHardLimit | Hard limit of the project size.
|
| services.strongswan-swanctl.swanctl.secrets.token.<name>.pin | Optional PIN required to access the key on the token
|
| services.wstunnel.clients.<name>.environmentFile | Environment file to be passed to the systemd service
|
| services.wstunnel.servers.<name>.environmentFile | Environment file to be passed to the systemd service
|
| networking.wg-quick.interfaces.<name>.peers | Peers linked to the interface.
|
| services.mosquitto.listeners.*.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the MQTT user
|
| services.fedimintd.<name>.nginx.config.listen.*.extraParameters | Extra parameters of this listen directive.
|
| services.jibri.xmppEnvironments.<name>.control.login.domain | The domain part of the JID for this Jibri instance.
|
| services.jirafeau.nginxConfig.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.prometheus.exporters.mail.configuration.servers.*.name | Value for label 'configname' which will be added to all metrics.
|
| services.strongswan-swanctl.swanctl.secrets.xauth.<name>.id | Identity the EAP/XAuth secret belongs to
|
| services.keepalived.vrrpInstances.<name>.virtualRouterId | Arbitrary unique number 1..255
|
| services.hostapd.radios.<name>.wifi4.capabilities | HT (High Throughput) capabilities given as a list of flags
|
| services.bind.enable | Whether to enable BIND domain name server.
|
| services.ncps.cache.redis.username | Redis username for authentication (for Redis ACL).
|
| services.drupal.webserver | Whether to use nginx or caddy for virtual host management
|