| services.hostapd.radios.<name>.settings | Extra configuration options to put at the end of global initialization, before defining BSSs
|
| services.drupal.sites.<name>.virtualHost.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.sabnzbd.settings.servers.<name>.timeout | Time, in seconds, to wait for a response before
attempting error recovery.
|
| services.firewalld.zones.<name>.sourcePorts.*.protocol | |
| services.snipe-it.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.moodle.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| services.syncthing.settings.folders.<name>.type | Controls how the folder is handled by Syncthing
|
| services.radicle.httpd.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.nagios.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| networking.fqdn | The fully qualified domain name (FQDN) of this host
|
| services.taskserver.fqdn | The fully qualified domain name of this server, which is also used
as the common name in the certificates.
|
| services.v4l2-relayd.instances.<name>.extraPackages | Extra packages to add to GST_PLUGIN_PATH for the instance.
|
| services.kanidm.provision.persons.<name>.present | Whether to ensure that this person is present or absent.
|
| systemd.timers.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.slices.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.reposilite.database.dbname | Database name.
|
| virtualisation.fileSystems.<name>.encrypted.label | Label of the unlocked encrypted device
|
| services.armagetronad.servers.<name>.dns | DNS address to use for this server
|
| services.invoiceplane.sites.<name>.enable | Whether to enable InvoicePlane web application.
|
| services.peering-manager.oidcConfigPath | Path to the Configuration-File for OIDC-Authentication, will be loaded as oidc_config.py
|
| services.hqplayerd.licenseFile | Path to the HQPlayer license key file
|
| services.nsd.remoteControl.serverCertFile | Path to the server self signed certificate, which is used by the server
but and by nsd-control
|
| services.syncthing.guiPasswordFile | Path to file containing the plaintext password for Syncthing's GUI.
|
| services.tcsd.platformCred | Path to the platform credential for your TPM
|
| services.miniflux.config.LISTEN_ADDR | Address to listen on
|
| services.openiscsi.extraConfigFile | Append an additional file's contents to /etc/iscsid.conf
|
| services.oauth2-proxy.customTemplatesDir | Path to custom HTML templates.
|
| services.peering-manager.ldapConfigPath | Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py
|
| services.sshwifty.socks5PasswordFile | Path to a file containing the SOCKS5 password.
|
| services.zabbixWeb.httpd.virtualHost.sslServerKey | Path to server SSL certificate key.
|
| services.weblate.djangoSecretKeyFile | Location of the Django secret key
|
| services.dnscrypt-proxy.configFile | Path to TOML config file
|
| services.kanboard.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.fediwall.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.agorakit.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.dolibarr.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.librenms.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.agorakit.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.librenms.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.dolibarr.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.kanboard.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.fediwall.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.pgbackrest.repos.<name>.sftp-private-key-file | SFTP private key file
|
| services.mainsail.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.pixelfed.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| services.mainsail.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.pixelfed.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.firezone.server.provision.accounts.<name>.resources | All resources to provision
|
| boot.initrd.luks.devices.<name>.bypassWorkqueues | Whether to bypass dm-crypt's internal read and write workqueues
|
| services.sanoid.datasets.<name>.recursive | Whether to recursively snapshot dataset children
|
| systemd.network.netdevs.<name>.wireguardPeers | Each item in this array specifies an option in the
[WireGuardPeer] section of the unit
|
| security.acme.certs.<name>.dnsPropagationCheck | Toggles lego DNS propagation check, which is used alongside DNS-01
challenge to ensure the DNS entries required are available.
|
| services.postfix.settings.master.<name>.maxproc | The maximum number of processes to spawn for this service
|
| services.bookstack.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.woodpecker-agents.agents.<name>.package | The woodpecker-agent package to use.
|
| services.vdirsyncer.jobs.<name>.config.storages | vdirsyncer storage configurations
|
| boot.initrd.luks.devices.<name>.fido2.credentials | List of FIDO2 credential IDs
|
| networking.interfaces.<name>.virtual | Whether this interface is virtual and should be created by tunctl
|
| networking.wg-quick.interfaces.<name>.address | The IP addresses of the interface.
|
| services.kubernetes.kubelet.taints.<name>.effect | Effect of taint.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert_policy | List of certificate policy OIDs the peer's certificate
must have
|
| services.drupal.sites.<name>.virtualHost.globalRedirect | If set, all requests for this host are redirected permanently to
the given URL.
|
| services.wordpress.sites.<name>.virtualHost.servedDirs | This option provides a simple way to serve static directories.
|
| services.firezone.server.provision.accounts.<name>.gatewayGroups | All gateway groups (sites) to provision
|
| services.wyoming.faster-whisper.servers.<name>.beamSize | The number of beams to use in beam search
|
| services.kimai.sites.<name>.database.serverVersion | MySQL exact version string
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.life_time | Maximum lifetime before CHILD_SA gets closed
|
| systemd.network.networks.<name>.fairQueueingConfig | Each attribute in this set specifies an option in the
[FairQueueing] section of the unit
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.addressDescription | An optional description for resource address, usually a full link to the resource including a schema.
|
| services.gitea-actions-runner.instances.<name>.enable | Whether to enable Gitea Actions Runner instance.
|
| services.wyoming.piper.servers.<name>.zeroconf.enable | Whether to enable zeroconf discovery.
|
| services.v4l2-relayd.instances.<name>.input.pipeline | The gstreamer-pipeline to use for the input-stream.
|
| services.httpd.virtualHosts.<name>.listenAddresses | Listen addresses for this virtual host
|
| boot.initrd.systemd.contents.<name>.dlopen.features | Features to enable via dlopen ELF notes
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rand_bytes | Byte range from which to choose a random value to subtract from
rekey_bytes
|
| services.sanoid.datasets.<name>.processChildrenOnly | Whether to only snapshot child datasets if recursing.
|
| services.spiped.config.<name>.disableKeepalives | Disable transport layer keep-alives.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.root | Root directory for requests.
|
| services.fedimintd.<name>.nginx.config.listen | Listen addresses and ports for this virtual host
|
| services.fedimintd.<name>.nginx.config.basicAuthFile | Basic Auth password file for a vhost
|
| services.gancio.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.fluidd.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.akkoma.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.matomo.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.monica.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| boot.zfs.devNodes | Name of directory from which to import ZFS device, this is passed to zpool import
as the value of the -d option
|
| services.tarsnap.archives | Tarsnap archive configurations
|
| security.pam.services.<name>.kwallet.forceRun | The force_run option is used to tell the PAM module for KWallet
to forcefully run even if no graphical session (such as a GUI
display manager) is detected
|
| services.armagetronad.servers.<name>.host | Host to listen on
|
| services.keepalived.vrrpInstances.<name>.useVmac | Use VRRP Virtual MAC.
|
| services.armagetronad.servers.<name>.port | Port to listen on
|
| services.librenms.database.username | Name of the user on the MySQL/MariaDB server
|
| services.gns3-server.auth.passwordFile | A file containing the password to access the GNS3 Server.
This should be a string, not a nix path, since nix paths
are copied into the world-readable nix store.
|
| services.dolibarr.h2o.tls.identity.*.key-file | Path to key file
|
| services.firezone.relay.tokenFile | A file containing the firezone relay token
|
| services.sillytavern.configFile | Path to the SillyTavern configuration file.
|
| services.ncdns.dnssec.keys.zonePublic | Path to the file containing the ZSK public key
|
| services.microbin.passwordFile | Path to file containing environment variables
|
| services.nextcloud.datadir | Nextcloud's data storage path
|
| services.oauth2-proxy.nginx.domain | The domain under which the oauth2-proxy will be accesible and the path of cookies are set to
|