| services.matrix-synapse.workers.<name>.worker_log_config | The file for log configuration
|
| services.strongswan-swanctl.swanctl.connections.<name>.if_id_in | XFRM interface ID set on inbound policies/SA, can be overridden by child
config, see there for details
|
| services.postgresqlWalReceiver.receivers.<name>.statusInterval | Specifies the number of seconds between status packets sent back to the server
|
| services.bind.enable | Whether to enable BIND domain name server.
|
| systemd.network.networks.<name>.pfifoConfig | Each attribute in this set specifies an option in the
[PFIFO] section of the unit
|
| systemd.network.networks.<name>.bfifoConfig | Each attribute in this set specifies an option in the
[BFIFO] section of the unit
|
| systemd.network.networks.<name>.qdiscConfig | Each attribute in this set specifies an option in the
[QDisc] section of the unit
|
| services.shellhub-agent.preferredHostname | Set the device preferred hostname
|
| boot.initrd.luks.devices.<name>.fallbackToPassword | Whether to fallback to interactive passphrase prompt if the keyfile
cannot be found
|
| systemd.user.targets.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.user.sockets.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.strongswan-swanctl.swanctl.connections.<name>.unique | Connection uniqueness policy to enforce
|
| services.cloudflared.tunnels.<name>.originRequest.keepAliveConnections | Maximum number of idle keepalive connections between Tunnel and your origin
|
| services.dolibarr.h2o.serverName | Server name to be used for this virtual host
|
| services.mautrix-meta.instances.<name>.registrationServiceUnit | The registration service that generates the registration file
|
| services.pgpkeyserver-lite.hostname | Which hostname to set the vHost to that is proxying to sks.
|
| services.strongswan-swanctl.swanctl.connections.<name>.mediation | Whether this connection is a mediation connection, that is, whether this
connection is used to mediate other connections using the IKEv2 Mediation
Extension
|
| boot.specialFileSystems.<name>.device | The device as passed to mount
|
| services.influxdb2.provision.organizations.<name>.auths | API tokens to provision for the user in this organization.
|
| services.icingaweb2.modules.monitoring.transports.<name>.password | Password for the api transport
|
| services.fcron.allow | Users allowed to use fcrontab and fcrondyn (one name per
line, all for everyone).
|
| programs.xfs_quota.projects.<name>.path | Project directory.
|
| services.icingaweb2.modules.monitoring.transports.<name>.instance | Assign a icinga instance to this transport
|
| programs.tsmClient.servers.<name>.genPasswd | Whether to enable automatic client password generation
|
| boot.initrd.systemd.contents.<name>.dlopen.usePriority | Priority of dlopen ELF notes to include. "required" is
minimal, "recommended" includes "required", and
"suggested" includes "recommended"
|
| services.icingaweb2.modules.monitoring.transports.<name>.resource | SSH identity resource for the remote transport
|
| systemd.paths.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| services.monica.mail.fromName | Mail "from" name.
|
| fileSystems.<name>.overlay.upperdir | The path to the upperdir
|
| services.gancio.user | The user (and PostgreSQL database name) used to run the gancio server
|
| services.gitlab.host | GitLab host name
|
| services.r53-ddns.domain | The name of your domain in Route53
|
| systemd.user.targets.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| systemd.user.sockets.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| services.strongswan-swanctl.swanctl.connections.<name>.dpd_delay | Interval to check the liveness of a peer actively using IKEv2
INFORMATIONAL exchanges or IKEv1 R_U_THERE messages
|
| fileSystems.<name>.overlay.lowerdir | The list of path(s) to the lowerdir(s)
|
| image.repart.partitions.<name>.contents | The contents to end up in the filesystem image.
|
| services.strongswan-swanctl.swanctl.connections.<name>.rand_time | Time range from which to choose a random value to subtract from
rekey/reauth times
|
| services.prometheus.scrapeConfigs.*.ec2_sd_configs.*.filters.*.name | See this list
for the available filters.
|
| systemd.shutdownRamfs.contents.<name>.target | Path of the symlink.
|
| services.authelia.instances.<name>.environmentVariables | Additional environment variables to provide to authelia
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.policies_fwd_out | Whether to install outbound FWD IPsec policies or not
|
| networking.greTunnels.<name>.remote | The address of the remote endpoint to forward traffic over.
|
| systemd.network.networks.<name>.ipv6SendRAConfig | Each attribute in this set specifies an option in the
[IPv6SendRA] section of the unit
|
| systemd.network.netdevs.<name>.l2tpSessions | Each item in this array specifies an option in the
[L2TPSession] section of the unit
|
| services.nextcloud.config.objectstore.s3.hostname | Required for some non-Amazon implementations.
|
| services.simplesamlphp.<name>.settings.baseurlpath | URL where SimpleSAMLphp can be reached.
|
| services.btrbk.instances.<name>.settings.stream_compress | Compress the btrfs send stream before transferring it from/to remote locations using a
compression command.
|
| systemd.shutdownRamfs.contents.<name>.source | Path of the source file.
|
| systemd.network.networks.<name>.matchConfig | Each attribute in this set specifies an option in the
[Match] section of the unit
|
| systemd.user.sockets.<name>.listenDatagrams | For each item in this list, a ListenDatagram
option in the [Socket] section will be created.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.resources.*.names | List of resources to host on this listener.
|
| services.strongswan-swanctl.swanctl.connections.<name>.send_cert | Send certificate payloads when using certificate authentication.
- With the default of
ifasked the daemon sends
certificate payloads only if certificate requests have been received.
never disables sending of certificate payloads
altogether,always causes certificate payloads to be sent
unconditionally whenever certificate authentication is used
|
| programs.tsmClient.servers.<name>.inclexcl | Text lines with include.* and exclude.* directives
to be used when sending files to the IBM TSM server,
or an absolute path pointing to a file with such lines.
|
| users.users.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| systemd.timers.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| systemd.slices.<name>.reloadTriggers | An arbitrary list of items such as derivations
|
| services.cyrus-imap.user | Cyrus IMAP user name
|
| services.prometheus.exporters.pihole.piholeHostname | Hostname or address where to find the Pi-Hole webinterface
|
| networking.supplicant.<name>.bridge | Name of the bridge interface that wpa_supplicant should listen at.
|
| systemd.user.timers.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| systemd.user.slices.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| systemd.network.netdevs.<name>.macvlanConfig | Each attribute in this set specifies an option in the
[MACVLAN] section of the unit
|
| services.strongswan-swanctl.swanctl.connections.<name>.if_id_out | XFRM interface ID set on outbound policies/SA, can be overridden by child
config, see there for details
|
| systemd.shutdownRamfs.contents.<name>.enable | Whether to enable copying of this file and symlinking it.
|
| services.easytier.instances.<name>.settings.network_secret | EasyTier network credential used for verification and
encryption
|
| systemd.user.sockets.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| systemd.user.targets.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| services.wiki-js.settings.db.db | Name of the database to use.
|
| services.pantalaimon-headless.instances.<name>.homeserver | The URI of the homeserver that the pantalaimon proxy should
forward requests to, without the matrix API path but including
the http(s) schema.
|
| services.murmur.user | The name of an existing user to use to run the service
|
| services.nscd.config | Configuration to use for Name Service Cache Daemon
|
| services.avahi.hostName | Host name advertised on the LAN
|
| services.artalk.group | Artalk group name.
|
| services.zammad.group | Name of the Zammad group.
|
| services.weblate.smtp.user | SMTP login name.
|
| networking.jool.siit.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.esp_proposals | ESP proposals to offer for the CHILD_SA
|
| systemd.timers.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| systemd.slices.<name>.restartTriggers | An arbitrary list of items such as derivations
|
| services.gitlab-runner.services.<name>.authenticationTokenConfigFile | Absolute path to a file containing environment variables used for
gitlab-runner registrations with runner authentication tokens
|
| services.postgresqlWalReceiver.receivers.<name>.environment | Environment variables passed to the service
|
| systemd.network.networks.<name>.bridgeConfig | Each attribute in this set specifies an option in the
[Bridge] section of the unit
|
| systemd.network.networks.<name>.pfifoFastConfig | Each attribute in this set specifies an option in the
[PFIFOFast] section of the unit
|
| services.guix.publish.user | Name of the user to change once the server is up.
|
| services.keter.bundle.appName | The name keter assigns to this bundle
|
| services.stargazer.certOrg | The name of the organization responsible for the X.509
certificate's /O name.
|
| services.sftpgo.group | Group name under which SFTPGo runs.
|
| services.strongswan-swanctl.swanctl.connections.<name>.over_time | Hard IKE_SA lifetime if rekey/reauth does not complete, as time
|
| services.kerberos_server.settings.realms.<name>.acl.*.principal | Which principal the rule applies to
|
| boot.initrd.luks.devices.<name>.bypassWorkqueues | Whether to bypass dm-crypt's internal read and write workqueues
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.connections | A list of connection strings of the SQL servers to scrape metrics from
|
| networking.nftables.tables.<name>.family | Table family.
|
| networking.nftables.tables.<name>.enable | Enable this table.
|
| networking.wg-quick.interfaces.<name>.listenPort | 16-bit port for listening
|
| image.repart.partitions.<name>.repartConfig | Specify the repart options for a partiton as a structural setting
|
| services.cntlm.domain | Proxy account domain/workgroup name.
|
| users.users.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| services.influxdb2.provision.organizations.<name>.buckets | Buckets to provision in this organization.
|
| services.matrix-continuwuity.settings.global.server_name | The server_name is the name of this server
|