| services.epgstation.settings.concurrentEncodeNum | The maximum number of encoding jobs that EPGStation would run at the
same time.
|
| services.system76-scheduler.settings.cfsProfiles.enable | Tweak CFS latency parameters when going on/off battery
|
| services.fedimintd.<name>.ui.port | TCP Port to bind on for UI connections
|
| services.nbd.server.exports.<name>.path | File or block device to export.
|
| users.extraUsers.<name>.extraGroups | The user's auxiliary groups.
|
| power.ups.users.<name>.actions | Allow the user to do certain things with upsd
|
| services.slskd.settings.global.download.speed_limit | Total upload download limit
|
| security.pam.services.<name>.otpwAuth | If set, the OTPW system will be used (if
~/.otpw exists).
|
| services.openvpn.servers.<name>.authUserPass.username | The username to store inside the credentials file.
|
| services.syncthing.settings.options.limitBandwidthInLan | Whether to apply bandwidth limits to devices in the same broadcast domain as the local device.
|
| services.nextcloud-spreed-signaling.settings.grpc.listen | IP and port to listen on for GRPC requests
|
| services.i2pd.outTunnels.<name>.inbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.netbird.tunnels.<name>.interface | Name of the network interface managed by this client.
|
| services.netbird.clients.<name>.interface | Name of the network interface managed by this client.
|
| services.dependency-track.settings."alpine.database.driver" | Specifies the JDBC driver class to use.
|
| services.warpgate.settings.sso_providers | Configure OIDC single sign-on providers.
|
| hardware.alsa.controls.<name>.device | Name of the PCM device to control (slave).
|
| systemd.network.networks.<name>.fairQueueingControlledDelayConfig | Each attribute in this set specifies an option in the
[FairQueueingControlledDelay] section of the unit
|
| services.fedimintd.<name>.nginx.config.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.postsrsd.settings.unprivileged-user | Unprivileged user to drop privileges to.
Our systemd unit never runs postsrsd as a privileged process, so this option is read-only.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| systemd.services.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.ax25.axports.<name>.package | The ax25-tools package to use.
|
| security.pam.services.<name>.enable | Whether to enable this PAM service.
|
| services.nylon.<name>.verbosity | Enable verbose output, default is to not be verbose.
|
| documentation.man.mandoc.settings | Configuration for man.conf(5)
|
| services.nextcloud.settings.enabledPreviewProviders | The preview providers that should be explicitly enabled.
|
| services.grafana.provision.dashboards.settings | Grafana dashboard configuration in Nix
|
| services.drupal.sites.<name>.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.suricata.settings.dpdk | Data Plane Development Kit is a framework for fast packet processing in data plane applications running on a wide variety of CPU architectures
|
| services.neo4j.ssl.policies.<name>.privateKey | The name of private PKCS #8 key file for this policy to be found
in the baseDirectory, or the absolute path to
the key file
|
| services.fedimintd.<name>.p2p.url | Public address for p2p connections from peers (if TCP is used)
|
| services.bacula-sd.device.<name>.mediaType | The specified name-string names the type of media supported by this
device, for example, DLT7000
|
| services.awstats.configs.<name>.type | The type of log being collected.
|
| services.openssh.knownHosts.<name>.hostNames | A list of host names and/or IP numbers used for accessing
the host's ssh service
|
| containers.<name>.extraVeths.<name>.forwardPorts | List of forwarded ports from host to container
|
| services.rspamd.workers.<name>.type | The type of this worker
|
| services.omnom.settings.app.disable_signup | Whether to enable restricting user creation.
|
| services.factorio.mods-dat | Mods settings can be changed by specifying a dat file, in the mod
settings file
format.
|
| services.lidarr.settings.update.automatically | Automatically download and install updates.
|
| services.suricata.settings.logging.outputs.syslog.facility | Facility to log to.
|
| services.radarr.settings.update.automatically | Automatically download and install updates.
|
| services.sonarr.settings.update.automatically | Automatically download and install updates.
|
| services.h2o.hosts.<name>.tls.identity | Key / certificate pairs for the virtual host.
|
| services.nsd.zones.<name>.dnssecPolicy.ksk | Key policy for key signing keys
|
| services.ndppd.proxies.<name>.router | Turns on or off the router flag for Neighbor Advertisement Messages.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk | Key policy for zone signing keys
|
| services.filesender.settings.admin_email | Email address of FileSender administrator(s)
|
| services.ghostunnel.servers.<name>.allowCN | Allow client if common name appears in the list.
|
| services.sourcehut.settings.webhooks.private-key | An absolute file path (which should be outside the Nix-store)
to a base64-encoded Ed25519 key for signing webhook payloads
|
| users.users.<name>.autoSubUidGidRange | Automatically allocate subordinate user and group ids for this user
|
| services.tor.settings.ServerTransportPlugin.transports | List of pluggable transports.
|
| services.bitcoind.<name>.package | The bitcoind package to use.
|
| services.grafana.settings.paths.provisioning | Folder that contains provisioning config files that grafana will apply on startup and while running
|
| security.pam.services.<name>.unixAuth | Whether users can log in with passwords defined in
/etc/shadow.
|
| services.redis.servers.<name>.logLevel | Specify the server verbosity level, options: debug, verbose, notice, warning.
|
| services.grafana.provision.alerting.rules.settings.groups | List of rule groups to import or update.
|
| services.postfix.settings.main.relay_domains | List of domains delivered via the relay transport.
https://www.postfix.org/postconf.5.html#relay_domains
|
| virtualisation.cri-o.settings | Configuration for cri-o, see
https://github.com/cri-o/cri-o/blob/master/docs/crio.conf.5.md.
|
| services.anubis.defaultOptions.settings.WEBMASTER_EMAIL | If set, shows a contact email address when rendering error pages
|
| services.beesd.filesystems.<name>.workDir | Name (relative to the root of the filesystem) of the subvolume where
the hash table will be stored.
|
| services.logind.settings.Login.KillUserProcesses | Specifies whether the processes of a user should be killed
when the user logs out
|
| services.drupal.sites.<name>.configSyncDir | The location of the Drupal config sync directory.
|
| services.dokuwiki.sites.<name>.acl.*.page | Page or namespace to restrict
|
| users.extraUsers.<name>.enable | If set to false, the user account will not be created
|
| services.anubis.defaultOptions.settings.METRICS_BIND_NETWORK | The network family that the metrics server should bind to
|
| services.dendrite.settings.sync_api.search.language | The language most likely to be used on the server - used when indexing, to
ensure the returned results match expectations
|
| services.nextcloud-spreed-signaling.settings.app.debug | Set to "true" to install pprof debug handlers
|
| services.cjdns.ETHInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.cjdns.UDPInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.public-inbox.inboxes.<name>.newsgroup | NNTP group name for the inbox.
|
| containers.<name>.extraVeths.<name>.localAddress | The IPv4 address assigned to the interface in the container
|
| services.sourcehut.settings."builds.sr.ht".connection-string | SQLAlchemy connection string for the database.
|
| services.buffyboard.settings.input.touchscreen | Enable or disable the use of the touchscreen.
|
| services.warpgate.settings.postgres.certificate | Path to PostgreSQL listener certificate.
|
| systemd.slices.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.timers.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.bacula-sd.director.<name>.tls | TLS Options for the Director in this Configuration.
|
| services.bitcoind.<name>.configFile | The configuration file path to supply bitcoind.
|
| services.bepasty.servers.<name>.bind | Bind address to be used for this server.
|
| services.jupyter.kernels.<name>.argv | Command and arguments to start the kernel.
|
| services.bacula-fd.director.<name>.tls | TLS Options for the Director in this Configuration.
|
| services.netbird.tunnels.<name>.port | Port the NetBird client listens on.
|
| services.redis.servers.<name>.slaveOf.port | port of the Redis master
|
| services.netbird.clients.<name>.port | Port the NetBird client listens on.
|
| services.borgmatic.settings.repositories.*.label | Label to the repository
|
| services.tor.settings.CookieAuthentication | See torrc manual.
|
| services.journald.remote.settings.Remote.ServerKeyFile | A path to a SSL secret key file in PEM format
|
| services.ghostunnel.servers.<name>.allowOU | Allow client if organizational unit name appears in the list.
|
| services.nsd.zones.<name>.provideXFR | Allow these IPs and TSIG to transfer zones, addr TSIG|NOKEY|BLOCKED
address range 192.0.2.0/24, 1.2.3.4&255.255.0.0, 3.0.2.20-3.0.2.40
|
| services.iodine.clients.<name>.relay | DNS server to use as an intermediate relay to the iodined server
|
| services.geth.<name>.websocket.apis | APIs to enable over WebSocket
|
| security.pam.u2f.settings.interactive | Set to prompt a message and wait before testing the presence of a U2F device
|
| services.dendrite.settings.global.private_key | The path to the signing private key file, used to sign
requests and events.
nix-shell -p dendrite --command "generate-keys --private-key matrix_key.pem"
|
| services.slskd.settings.directories.incomplete | Directory where incomplete downloading files are stored.
|
| services.netbird.server.management.settings | Configuration of the netbird management server
|
| services.httpd.virtualHosts.<name>.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| systemd.user.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| services.immichframe.settings.Accounts.*.ImmichServerUrl | The URL of your Immich server.
|