| services.borgbackup.jobs.<name>.inhibitsSleep | Prevents the system from sleeping while backing up.
|
| networking.interfaces.<name>.wakeOnLan.enable | Whether to enable wol on this interface.
|
| services.firezone.server.provision.accounts.<name>.policies | All policies to provision
|
| services.buildbot-worker.packages | Packages to add to PATH for the buildbot process.
|
| services.forgejo.repositoryRoot | Path to the git repositories.
|
| services.gitea.settings.server.HTTP_ADDR | Listen address
|
| services.gitlab.smtp.passwordFile | File containing the password of the SMTP server for GitLab
|
| services.buildbot-master.packages | Packages to add to PATH for the buildbot process.
|
| services.thanos.rule.tracing.config-file | Path to YAML file that contains tracing configuration
|
| services.ncps.cache.storage.s3.forcePathStyle | Force path-style S3 addressing (bucket/key vs key.bucket).
|
| services.radicle.ci.broker.settings.db | Database file path.
|
| services.moonraker.klipperSocket | Path to Klipper's API socket.
|
| services.minetest-server.configPath | Path to the config to use
|
| services.weblate.smtp.passwordFile | Location of a file containing the SMTP password
|
| services.warpgate.settings.ssh.keys | Path to store SSH host & client keys.
|
| networking.wireless.networks.<name>.bssid | If set, this network block is used only when associating with
the AP using the configured BSSID.
|
| services.drupal.sites.<name>.virtualHost.robotsEntries | Specification of pages to be ignored by web crawlers
|
| services.drupal.sites.<name>.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| services.logrotate.settings.<name>.files | Single or list of files for which rules are defined
|
| services.anubis.instances.<name>.settings | Freeform configuration via environment variables for Anubis
|
| services.nebula.networks.<name>.isLighthouse | Whether this node is a lighthouse.
|
| networking.vswitches.<name>.openFlowVersion | Version of OpenFlow protocol to use when communicating with the switch internally (e.g. with openFlowRules).
|
| boot.initrd.luks.devices.<name>.yubikey.storage.device | An unencrypted device that will temporarily be mounted in stage-1
|
| services.fedimintd.<name>.nginx.config.listen.*.port | Port number to listen on
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.values | A set of columns that will be used as values of this metric.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.labels | A set of columns that will be used as Prometheus labels.
|
| security.pam.services.<name>.kwallet.enable | If enabled, pam_wallet will attempt to automatically unlock the
user's default KDE wallet upon login
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.policies | Whether to install IPsec policies or not
|
| boot.loader.systemd-boot.extraFiles | A set of files to be copied to $BOOT
|
| services.icecream.daemon.netName | Network name to connect to
|
| users.mysql.pam.logging.rHostColumn | The name of the column in the log table to which the name of the remote
host that initiates the session is stored
|
| systemd.generators | Definition of systemd generators; see systemd.generator(5)
|
| services.i2pd.outTunnels.<name>.destination | Remote endpoint, I2P hostname or b32.i2p address.
|
| services.drupal.sites.<name>.virtualHost.locations | Declarative location config
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPasswordFile | Sets the password for WPA-PSK
|
| systemd.units.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.cjdns.UDPInterface.connectTo.<name>.publicKey | Public key at the opposite end of the tunnel.
|
| networking.interfaces.<name>.macAddress | MAC address of the interface
|
| services.cjdns.ETHInterface.connectTo.<name>.publicKey | Public key at the opposite end of the tunnel.
|
| services.printing.cups-pdf.instances.<name>.enable | Whether to enable this cups-pdf instance.
|
| services.bacula-sd.autochanger.<name>.devices | |
| systemd.services.<name>.notSocketActivated | If set, a changed unit is never assumed to be
socket-activated on configuration switch, even if
it might have associated socket units
|
| services.wstunnel.servers.<name>.loggingLevel | Passed to --log-lvl
Control the log verbosity. i.e: TRACE, DEBUG, INFO, WARN, ERROR, OFF
For more details, checkout [EnvFilter](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct
|
| services.wstunnel.clients.<name>.loggingLevel | Passed to --log-lvl
Control the log verbosity. i.e: TRACE, DEBUG, INFO, WARN, ERROR, OFF
For more details, checkout [EnvFilter](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct
|
| services.restic.backups.<name>.rcloneOptions | Options to pass to rclone to control its behavior
|
| networking.wireless.networks.<name>.hidden | Set this to true if the SSID of the network is hidden.
|
| services.gitlab-runner.services.<name>.dockerPullPolicy | Default pull-policy for Docker images
|
| services.radicle.httpd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.nginx.virtualHosts.<name>.listen.*.proxyProtocol | Enable PROXY protocol.
|
| services.influxdb2.provision.organizations.<name>.buckets.<name>.retention | The duration in seconds for which the bucket will retain data (0 is infinite).
|
| services.gitlab-runner.services.<name>.postBuildScript | Runner-specific command script executed after code is pulled
and just after build executes.
|
| security.pam.services.<name>.gnupg.noAutostart | Don't start gpg-agent if it is not running
|
| services.anuko-time-tracker.nginx.locations.<name>.index | Adds index directive.
|
| services.anuko-time-tracker.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.fcgiwrap.instances.<name>.socket.mode | Mode to be set on the UNIX socket
|
| services.btrbk.instances.<name>.onCalendar | How often this btrbk instance is started
|
| services.fedimintd.<name>.nginx.config.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.kubernetes.kubelet.taints.<name>.value | Value of taint.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.copy_ecn | Whether to copy the ECN (Explicit Congestion Notification) header field
to/from the outer IP header in tunnel mode
|
| services.invidious.hmacKeyFile | A path to a file containing the hmac_key
|
| boot.iscsi-initiator.extraConfigFile | Append an additional file's contents to /etc/iscsid.conf
|
| services.dockerRegistry.configFile | Path to CNCF distribution config file
|
| services.send.redis.passwordFile | The path to the file containing the Redis password
|
| services.nsd.remoteControl.serverKeyFile | Path to the server private key, which is used by the server
but not by nsd-control
|
| services.unpoller.influxdb.pass | Path of a file containing the password for influxdb
|
| services.hylafax.sendmailPath | Path to sendmail program
|
| services.kanidm.provision.groups.<name>.members | List of kanidm entities (persons, groups, ...) which are part of this group.
|
| services.xonotic.settings.hostname | The name that will appear in the server list. $g_xonoticversion
gets replaced with the current version.
|
| services.firewalld.zones.<name>.interfaces | Interfaces to bind.
|
| services.firewalld.services.<name>.sourcePorts.*.port | |
| services.anubis.instances.<name>.botPolicy | Anubis policy configuration in Nix syntax
|
| services.wyoming.piper.servers.<name>.streaming | Whether to enable audio streaming on sentence boundaries.
|
| services.firewalld.zones.<name>.egressPriority | Priority for outbound traffic
|
| services.wordpress.sites.<name>.virtualHost.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| services.wordpress.sites.<name>.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| boot.binfmt.registrations.<name>.interpreter | The interpreter to invoke to run the program
|
| services.kanboard.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.librenms.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.agorakit.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.caddy.virtualHosts.<name>.listenAddresses | A list of host interfaces to bind to for this virtual host.
|
| services.fcgiwrap.instances.<name>.socket.group | Group to be set as owner of the UNIX socket.
|
| services.dolibarr.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.invoiceplane.sites.<name>.cron.key | Cron key taken from the administration page.
|
| services.fediwall.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.restic.backups.<name>.backupPrepareCommand | A script that must run before starting the backup process.
|
| services.restic.backups.<name>.backupCleanupCommand | A script that must run after finishing the backup process.
|
| services.pixelfed.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.mainsail.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.postfix.masterConfig.<name>.privileged | |
| security.pam.services.<name>.ttyAudit.disablePattern | For each user matching one of comma-separated
glob patterns, disable TTY auditing
|
| services.nbd.server.exports.<name>.allowAddresses | IPs and subnets that are authorized to connect for this device
|
| security.pam.services | This option defines the PAM services
|
| programs.ssh.knownHosts | The set of system-wide known SSH hosts
|
| services.pcscd.extendReaderNames | String to append to every reader name
|
| security.pam.services.<name>.gnupg.enable | If enabled, pam_gnupg will attempt to automatically unlock the
user's GPG keys with the login password via
gpg-agent
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.remote_ts | List of remote selectors to include in CHILD_SA
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rand_time | Time range from which to choose a random value to subtract from
rekey_time
|
| services.tarsnap.archives.<name>.followSymlinks | Whether to follow all symlinks in archive trees.
|
| systemd.slices.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| systemd.timers.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|