| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.replay_window | IPsec replay window to configure for this CHILD_SA
|
| services.tt-rss.pool | Name of existing phpfpm pool that is used to run web-application
|
| services.filesender.database.hostname | Database hostname.
|
| services.kerberos_server.settings.realms.<name>.acl | The privileges granted to a user.
|
| services.cloudflared.tunnels.<name>.credentialsFile | Credential file
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.set_mark_out | Netfilter mark applied to packets after the outbound IPsec SA processed
them
|
| services.strongswan-swanctl.swanctl.connections.<name>.ppk_id | String identifying the Postquantum Preshared Key (PPK) to be used.
|
| services.zoneminder.database.username | Username for accessing the database.
|
| services.hddfancontrol.settings.<drive-bay-name>.pwmPaths | PWM filepath(s) to control fan speed (under /sys), followed by initial and fan-stop PWM values
Can also use command substitution to ensure the correct hwmonX is selected on every boot
|
| fileSystems.<name>.overlay.workdir | The path to the workdir
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.start_action | Action to perform after loading the configuration.
- The default of
none loads the connection only, which
then can be manually initiated or used as a responder configuration.
- The value
trap installs a trap policy, which triggers
the tunnel as soon as matching traffic has been detected.
- The value
start initiates the connection actively.
- Since version 5.9.6 two modes above can be combined with
trap|start,
to immediately initiate a connection for which trap policies have been installed
|
| users.extraUsers.<name>.description | A short description of the user account, typically the
user's full name
|
| services.strongswan-swanctl.swanctl.connections.<name>.pull | If the default of yes is used, Mode Config works in pull mode, where the
initiator actively requests a virtual IP
|
| services.archisteamfarm.bots.<name>.passwordFile | Path to a file containing the password
|
| systemd.network.netdevs.<name>.extraConfig | Extra configuration append to unit
|
| services.rke2.autoDeployCharts.<name>.extraFieldDefinitions | Extra HelmChart field definitions that are merged with the rest of the HelmChart
custom resource
|
| boot.specialFileSystems.<name>.stratis.poolUuid | UUID of the stratis pool that the fs is located in
This is only relevant if you are using stratis.
|
| services.sanoid.datasets.<name>.script_timeout | Time limit for pre/post/pruning script execution time (<=0 for infinite).
|
| systemd.network.netdevs.<name>.l2tpConfig | Each attribute in this set specifies an option in the
[L2TP] section of the unit
|
| systemd.network.netdevs.<name>.wlanConfig | Each attribute in this set specifies an option in the [WLAN] section of the unit
|
| systemd.network.netdevs.<name>.bondConfig | Each attribute in this set specifies an option in the
[Bond] section of the unit
|
| systemd.network.netdevs.<name>.vlanConfig | Each attribute in this set specifies an option in the
[VLAN] section of the unit
|
| systemd.network.netdevs.<name>.xfrmConfig | Each attribute in this set specifies an option in the
[Xfrm] section of the unit
|
| systemd.network.netdevs.<name>.peerConfig | Each attribute in this set specifies an option in the
[Peer] section of the unit
|
| systemd.user.targets.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| systemd.user.sockets.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| systemd.targets.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| systemd.sockets.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.tlsrpt.collectd.settings.socketname | Path at which the UNIX socket will be created.
|
| services.strongswan-swanctl.swanctl.authorities.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| systemd.user.paths.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.gitea.dump.file | Filename to be used for the dump
|
| services.keepalived.vrrpInstances.<name>.trackInterfaces | List of network interfaces to monitor for health tracking.
|
| systemd.timers.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| systemd.slices.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.reposilite.settings.hostname | The hostname to bind to
|
| networking.bridges.<name>.rstp | Whether the bridge interface should enable rstp.
|
| networking.greTunnels.<name>.dev | The underlying network device on which the tunnel resides.
|
| systemd.sockets.<name>.socketConfig | Each attribute in this set specifies an option in the
[Socket] section of the unit
|
| systemd.nspawn.<name>.networkConfig | Each attribute in this set specifies an option in the
[Network] section of this unit
|
| services.taskserver.organisations.<name>.groups | A list of group names that belong to the organization.
|
| hardware.sane.brscan4.netDevices.<name>.model | The model of the network device.
|
| hardware.sane.brscan5.netDevices.<name>.model | The model of the network device.
|
| systemd.targets.<name>.startLimitBurst | Configure unit start rate limiting
|
| systemd.sockets.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.pantalaimon-headless.instances.<name>.listenPort | The port where the daemon will listen to client connections for
this homeserver
|
| security.auditd.plugins.<name>.format | Binary passes the data exactly as the audit event dispatcher gets it from
the audit daemon
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.queries | SQL queries to run.
|
| networking.vswitches.<name>.interfaces.<name>.type | Openvswitch type to assign to interface
|
| networking.vswitches.<name>.interfaces.<name>.vlan | Vlan tag to apply to interface
|
| services.strongswan-swanctl.swanctl.authorities.<name>.cacert | The certificates may use a relative path from the swanctl
x509ca directory or an absolute path
|
| services.icingaweb2.modules.monitoring.transports.<name>.type | Type of this transport
|
| services.grav.pool | Name of existing phpfpm pool that is used to run web-application
|
| systemd.network.networks.<name>.routes | A list of route sections to be added to the unit
|
| services.mjolnir.pantalaimon.username | The username to login with.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.readPermissions | The read permissions to include for this token
|
| systemd.network.netdevs.<name>.vrfConfig | Each attribute in this set specifies an option in the
[VRF] section of the unit
|
| services.monero.rpc.user | User name for RPC connections.
|
| services.dovecot2.mailboxes.<name>.autoexpunge | To automatically remove all email from the mailbox which is older than the
specified time.
|
| services.icingaweb2.modules.monitoring.transports.<name>.host | Host for the api or remote transport
|
| services.strongswan-swanctl.swanctl.connections.<name>.encap | To enforce UDP encapsulation of ESP packets, the IKE daemon can fake the
NAT detection payloads
|
| security.acme.certs.<name>.reloadServices | The list of systemd services to call systemctl try-reload-or-restart
on.
|
| services.icingaweb2.modules.monitoring.transports.<name>.path | Path to the socket for local or remote transports
|
| services.icingaweb2.modules.monitoring.transports.<name>.port | Port to connect to for the api or remote transport
|
| boot.specialFileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| systemd.user.paths.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| systemd.user.sockets.<name>.requisite | Similar to requires
|
| systemd.user.targets.<name>.requisite | Similar to requires
|
| services.minidlna.settings.friendly_name | Name that the server presents to clients.
|
| networking.greTunnels.<name>.ttl | The time-to-live/hoplimit of the connection to the remote tunnel endpoint.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local | Section for a local authentication round
|
| services.tarsnap.archives.<name>.aggressiveNetworking | Upload data over multiple TCP connections, potentially
increasing tarsnap's bandwidth utilisation at the cost
of slowing down all other network traffic
|
| environment.etc.<name>.source | Path of the source file.
|
| services.gitea.appName | Application name.
|
| systemd.network.networks.<name>.enable | Whether to manage network configuration using systemd-network
|
| systemd.network.networks.<name>.tunnel | A list of tunnel interfaces to be added to the network section of the
unit
|
| systemd.network.networks.<name>.bridge | A list of bridge interfaces to be added to the network section of the
unit
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.startupSql | A list of SQL statements to execute once after making a connection.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.writePermissions | The read permissions to include for this token
|
| services.system76-scheduler.assignments.<name>.matchers | Process matchers.
|
| services.postgresqlWalReceiver.receivers.<name>.compress | Enables gzip compression of write-ahead logs, and specifies the compression level
(0 through 9, 0 being no compression and 9 being best compression)
|
| systemd.timers.<name>.requisite | Similar to requires
|
| systemd.slices.<name>.requisite | Similar to requires
|
| services.postgresqlWalReceiver.receivers.<name>.directory | Directory to write the output to.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rekey_packets | Number of packets processed before initiating CHILD_SA rekeying
|
| services.icingaweb2.modules.monitoring.backends.<name>.disabled | Disable this backend
|
| services.sanoid.templates.<name>.pruning_script | Script to run after pruning snapshot.
|
| services.matomo.webServerUser | Name of the web server user that forwards requests to services.phpfpm.pools.<name>.socket the fastcgi socket for Matomo if the nginx
option is not used
|
| image.repart.partitions.<name>.storePaths | The store paths to include in the partition.
|
| services.prometheus.exporters.mqtt.mqttUsername | Username which should be used to authenticate against the MQTT broker.
|
| services.kanidm.provision.systems.oauth2.<name>.supplementaryScopeMaps | Maps kanidm groups to additionally returned oauth scopes
|
| programs.tsmClient.servers.<name>.tcpport | TCP port of the IBM TSM server
|
| systemd.network.netdevs.<name>.vxlanConfig | Each attribute in this set specifies an option in the
[VXLAN] section of the unit
|
| systemd.user.paths.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| systemd.network.networks.<name>.bridgeMDBs | A list of BridgeMDB sections to be added to the unit
|
| systemd.network.networks.<name>.bridgeFDBs | A list of BridgeFDB sections to be added to the unit
|
| services.sanoid.templates.<name>.script_timeout | Time limit for pre/post/pruning script execution time (<=0 for infinite).
|
| systemd.sockets.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| systemd.targets.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote | Section for a remote authentication round
|