| services.dependency-track.settings."alpine.data.directory" | Defines the path to the data directory
|
| systemd.user.paths.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| services.httpd.virtualHosts.<name>.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| services.waagent.settings.Provisioning.Enable | Whether to enable provisioning functionality in the agent
|
| services.ghostunnel.servers.<name>.allowDNS | Allow client if DNS subject alternative name appears in the list.
|
| services.ghostunnel.servers.<name>.allowURI | Allow client if URI subject alternative name appears in the list.
|
| services.firewalld.settings.NftablesFlowtable | This may improve forwarded traffic throughput by enabling nftables flowtable
|
| systemd.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.paths.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| users.groups.<name>.members | The user names of the group members, added to the
/etc/group file.
|
| systemd.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.postfix.settings.main.mydestination | List of domain names intended for local delivery using /etc/passwd and /etc/aliases.
Do not include virtual domains in this list.
https://www.postfix.org/postconf.5.html#mydestination
|
| services.honk.servername | The server name.
|
| services.grafana.provision.alerting.contactPoints.settings | Grafana contact points configuration in Nix
|
| users.users.<name>.autoSubUidGidRange | Automatically allocate subordinate user and group ids for this user
|
| services.grafana.provision.dashboards.settings.apiVersion | Config file version.
|
| services.grafana-image-renderer.settings.rendering.mode | Rendering mode of grafana-image-renderer:
default: Creates on browser-instance
per rendering request.reusable: One browser instance
will be started and reused for each rendering request.clustered: allows to precisely
configure how many browser-instances are supposed to be used
|
| services.fedimintd.<name>.nginx.config.http3 | Whether to enable the HTTP/3 protocol
|
| security.pam.u2f.settings.authfile | By default pam-u2f module reads the keys from
$XDG_CONFIG_HOME/Yubico/u2f_keys (or
$HOME/.config/Yubico/u2f_keys if XDG variable is
not set)
|
| services.slskd.settings.retention.transfers.download.errored | Lifespan of errored download tasks.
|
| services.blockbook-frontend.<name>.group | The group as which to run blockbook-frontend-‹name›.
|
| services.grafana.provision.datasources.settings | Grafana datasource configuration in Nix
|
| services.nebula.networks.<name>.enable | Enable or disable this network.
|
| services.sanoid.datasets.<name>.hourly | Number of hourly snapshots.
|
| services.sanoid.datasets.<name>.yearly | Number of yearly snapshots.
|
| services.drupal.sites.<name>.privateFilesDir | The location of the Drupal private files directory.
|
| services.openvpn.servers.<name>.autoStart | Whether this OpenVPN instance should be started automatically.
|
| services.nebula.networks.<name>.listen.port | Port number to listen on.
|
| services.snipe-it.nginx.locations.<name>.root | Root directory for requests.
|
| services.nebula.networks.<name>.listen.host | IP address to listen on.
|
| services.znc.confOptions.networks.<name>.port | IRC server port.
|
| services.tahoe.nodes.<name>.sftpd.hostPrivateKeyFile | Path to the SSH host private key.
|
| services.public-inbox.inboxes.<name>.watch | Paths for public-inbox-watch(1) to monitor for new mail.
|
| services.udp-over-tcp.tcp2udp.<name>.threads | Sets the number of worker threads to use
|
| services.synapse-auto-compressor.settings.levels | Sizes of each new level in the compression algorithm, as a comma-separated list
|
| services.veilid.settings.client_api.ipc_enabled | veilid-server will respond to Python and other JSON client requests.
|
| hardware.alsa.cardAliases.<name>.driver | Name of the kernel module that provides the card.
|
| services.grafana.settings.users.allow_sign_up | Set to false to prohibit users from being able to sign up / create user accounts
|
| services.borgmatic.settings.repositories.*.label | Label to the repository
|
| services.tor.settings.CookieAuthentication | See torrc manual.
|
| security.pam.services.<name>.ttyAudit.openOnly | Set the TTY audit flag when opening the session,
but do not restore it when closing the session
|
| services.xserver.displayManager.lightdm.greeters.slick.iconTheme.name | Name of the icon theme to use for the lightdm-slick-greeter.
|
| services.bitcoind.<name>.testnet | Whether to use the testnet instead of mainnet.
|
| users.extraUsers.<name>.enable | If set to false, the user account will not be created
|
| services.grafana.provision.alerting.templates.settings | Grafana templates configuration in Nix
|
| services.your_spotify.settings.CLIENT_ENDPOINT | The endpoint of your web application
|
| power.ups.upsmon.monitor.<name>.user | Username from upsd.users for accessing this UPS
|
| services.mackerel-agent.settings.host_status.on_start | Host status after agent startup.
|
| services.grafana.provision.alerting.muteTimings.settings.apiVersion | Config file version.
|
| services.kimai.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| security.pam.services.<name>.howdy.control | This option sets the PAM "control" used for this module.
|
| services.immichframe.settings.Accounts.*.ImmichServerUrl | The URL of your Immich server.
|
| security.acme.certs.<name>.group | Group running the ACME client.
|
| services.znapzend.zetup.<name>.sendDelay | Specify delay (in seconds) before sending snaps to the destination
|
| services.warpgate.settings.mysql.external_port | The MySQL listener is reachable via this port externally.
|
| services.libeufin.nexus.settings.libeufin-nexusdb-postgres.CONFIG | The database connection string for the libeufin-nexus database.
|
| services.keepalived.vrrpScripts.<name>.group | Name of group to run the script under
|
| services.nvme-rs.settings.thresholds.wear_warning | Wear warning threshold (%)
|
| users.users.<name>.subUidRanges.*.count | Count of subordinate user ids
|
| users.users.<name>.subGidRanges.*.count | Count of subordinate group ids
|
| services.your_spotify.settings.API_ENDPOINT | The endpoint of your server
This api has to be reachable from the device you use the website from not from the server
|
| security.pam.u2f.settings.interactive | Set to prompt a message and wait before testing the presence of a U2F device
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.prePublish | How long in advance to publish new keys
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.prePublish | How long in advance to publish new keys
|
| services.slskd.settings.retention.transfers.upload.cancelled | Lifespan of cancelled upload tasks.
|
| services.slskd.settings.retention.transfers.upload.succeeded | Lifespan of succeeded upload tasks.
|
| services.grafana.provision.datasources.settings.prune | When true, provisioned datasources from this file will be deleted
automatically when removed from
services.grafana.provision.datasources.settings.datasources.
|
| security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| services.drupal.sites.<name>.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.livekit.settings.rtc.port_range_end | End of UDP port range for WebRTC
|
| services.suricata.settings.exception-policy | Define a common behavior for all exception policies
|
| services.fedimintd.<name>.nginx.config.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| users.extraUsers.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.dokuwiki.sites.<name>.package | The dokuwiki package to use.
|
| services.znapzend.zetup.<name>.dataset | The dataset to use for this source.
|
| services.nginx.virtualHosts.<name>.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.nvme-rs.settings.thresholds.temp_warning | Temperature warning threshold (°C)
|
| services.navidrome.settings.EnableInsightsCollector | Enable anonymous usage data collection, see https://www.navidrome.org/docs/getting-started/insights/ for details.
|
| services.prometheus.exporters.fritz.settings.log_level | Log level to use for the exporter.
|
| services.dependency-track.settings."alpine.database.mode" | Defines the database mode of operation
|
| services.nextcloud-spreed-signaling.settings.https.listen | IP and port to listen on for HTTPS requests, in the format of ip:port
|
| services.anubis.defaultOptions.settings.OG_PASSTHROUGH | Whether to enable Open Graph tag passthrough
|
| services.httpd.virtualHosts.<name>.listen.*.ssl | Whether to enable SSL (https) support.
|
| services.restic.backups.<name>.exclude | Patterns to exclude when backing up
|
| services.nsd.zones.<name>.allowAXFRFallback | If NSD as secondary server should be allowed to AXFR if the primary
server does not allow IXFR.
|
| security.pam.services.<name>.setLoginUid | Set the login uid of the process
(/proc/self/loginuid) for auditing
purposes
|
| services.tinc.networks.<name>.hostSettings.<name>.subnets.*.prefixLength | The prefix length of the subnet
|
| systemd.services.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| systemd.units.<name>.aliases | Aliases of that unit.
|
| systemd.paths.<name>.aliases | Aliases of that unit.
|
| services.hercules-ci-agent.settings.staticSecretsDirectory | This is the default directory to look for statically configured secrets like cluster-join-token.key
|
| services.prometheus.exporters.nginxlog.settings.consul | Consul integration options
|
| systemd.user.paths.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.user.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.nginx.proxyCachePath.<name>.levels | The levels parameter defines structure of subdirectories in cache: from
1 to 3, each level accepts values 1 or 2
|
| services.fedimintd.<name>.enable | Whether to enable fedimintd.
|
| services.nsd.zones.<name>.children | Children zones inherit all options of their parents
|
| services.headscale.settings.dns.extra_records | Extra DNS records to expose to clients.
|