| services.cloudflared.tunnels.<name>.originRequest.proxyType | cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP
|
| systemd.mounts.*.wantedBy | Units that want (i.e. depend on) this unit
|
| services.samba-wsdd.domain | Set domain name (disables workgroup).
|
| services.keepalived.vrrpInstances.<name>.unicastPeers | Do not send VRRP adverts over VRRP multicast group
|
| security.ipa.shells | List of shells which binaries should be installed to /bin/
|
| services.firezone.server.smtp.username | Username to authenticate against the SMTP relay
|
| services.cloudflared.tunnels.<name>.originRequest.proxyAddress | cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP
|
| services.strongswan-swanctl.swanctl.authorities.<name>.slot | Optional slot number of the token that stores the certificate.
|
| services.vault.address | The name of the ip interface to listen to
|
| services.cyrus-imap.group | Cyrus IMAP group name
|
| security.pam.services.<name>.googleAuthenticator.enable | If set, users with enabled Google Authenticator (created
~/.google_authenticator) will be required
to provide Google Authenticator token to log in.
|
| systemd.network.networks.<name>.deficitRoundRobinSchedulerClassConfig | Each attribute in this set specifies an option in the
[DeficitRoundRobinSchedulerClass] section of the unit
|
| services.tmate-ssh-server.host | External host name
|
| services.tlsrpt.reportd.settings.dbname | Path to the sqlite database.
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.argument | An argument whose meaning depends on the type of operation
|
| security.pam.services.<name>.googleAuthenticator.allowNullOTP | Whether to allow login for accounts that have no OTP set
(i.e., accounts with no OTP configured or no existing
~/.google_authenticator).
|
| services.keepalived.vrrpInstances.<name>.trackInterfaces | List of network interfaces to monitor for health tracking.
|
| services.angrr.settings.temporary-root-policies.<name>.filter.arguments | Extra command-line arguments pass to the external filter program.
|
| services.gitlab-runner.services.<name>.registrationFlags | Extra command-line flags passed to
gitlab-runner register
|
| services.limesurvey.nginx.virtualHost.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.gitlab-runner.services.<name>.registrationConfigFile | Absolute path to a file with environment variables
used for gitlab-runner registration with runner registration
tokens
|
| services.taskserver.organisations.<name>.groups | A list of group names that belong to the organization.
|
| services.angrr.settings.temporary-root-policies.<name>.ignore-prefixes | List of path prefixes to ignore
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.fluidd.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.akkoma.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.gancio.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.fluidd.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.gancio.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.akkoma.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.monica.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.matomo.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.monica.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.matomo.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| users.mysql.pam.logging.msgColumn | The name of the column in the log table to which the description
of the performed operation is stored.
|
| services.pgadmin.emailServer.username | SMTP server username for email delivery
|
| services.woodpecker-agents.agents.<name>.environmentFile | File to load environment variables
from
|
| services.icingaweb2.libraryPaths | Libraries to add to the Icingaweb2 library path
|
| services.borgbackup.repos.<name>.authorizedKeysAppendOnly | Public SSH keys that can only be used to append new data (archives) to the repository
|
| services.sanoid.datasets.<name>.script_timeout | Time limit for pre/post/pruning script execution time (<=0 for infinite).
|
| services.bacula-fd.tls.verifyPeer | Verify peer certificate
|
| services.bacula-sd.tls.verifyPeer | Verify peer certificate
|
| services.murmur.group | The name of an existing group to use to run the service
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceMaxStreamsCloseCircuit | See torrc manual.
|
| services.authelia.instances.<name>.settings.telemetry.metrics.enabled | Enable Metrics.
|
| services.parsedmarc.provision.localMail.recipientName | The DMARC mail recipient name, i.e. the name part of the
email address which receives DMARC reports
|
| virtualisation.fileSystems.<name>.overlay.workdir | The path to the workdir
|
| boot.initrd.luks.devices | The encrypted disk that should be opened before the root
filesystem is mounted
|
| services.discourse.admin.username | The admin user username.
|
| services.baikal.pool | Name of existing phpfpm pool that is used to run web-application
|
| services.invoiceplane.sites.<name>.invoiceTemplates | List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory.
These templates need to be packaged before use, see example.
|
| services.outline.smtp.host | Host name or IP address of the SMTP server.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.policies_fwd_out | Whether to install outbound FWD IPsec policies or not
|
| services.system76-scheduler.assignments.<name>.matchers | Process matchers.
|
| services.dokuwiki.webserver | Whether to use nginx or caddy for virtual host management
|
| services.freshrss.webserver | Whether to use nginx or caddy for virtual host management
|
| services.borgbackup.jobs.<name>.encryption.passphrase | The passphrase the backups are encrypted with
|
| services.kismet.serverName | The name of the server.
|
| services.bacula-dir.tls.verifyPeer | Verify peer certificate
|
| users.extraUsers.<name>.password | Specifies the (clear text) password for the user
|
| services.postgresqlWalReceiver.receivers.<name>.directory | Directory to write the output to.
|
| services.cloudflared.tunnels.<name>.originRequest.noHappyEyeballs | Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
|
| services.gdomap.enable | Whether to enable GNUstep Distributed Objects name server.
|
| systemd.network.networks.<name>.fairQueueingControlledDelayConfig | Each attribute in this set specifies an option in the
[FairQueueingControlledDelay] section of the unit
|
| services.sanoid.templates.<name>.pruning_script | Script to run after pruning snapshot.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.resources.*.names | List of resources to host on this listener.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.enableRecommendedPairwiseCiphers | Additionally enable the recommended set of pairwise ciphers
|
| services.gitlab.databaseUsername | GitLab database user.
|
| services.authelia.instances.<name>.secrets.storageEncryptionKeyFile | Path to your storage encryption key.
|
| services.strongswan-swanctl.swanctl.authorities.<name>.file | Absolute path to the certificate to load
|
| services.archisteamfarm.bots.<name>.passwordFile | Path to a file containing the password
|
| services.kerberos_server.settings.realms.<name>.acl | The privileges granted to a user.
|
| services.cloudflared.tunnels.<name>.edgeIPVersion | Specifies the IP address version (IPv4 or IPv6) used to establish a connection between cloudflared and the Cloudflare global network
|
| xdg.portal.config | Sets which portal backend should be used to provide the implementation
for the requested interface
|
| services.librenms.user | Name of the LibreNMS user.
|
| virtualisation.allInterfaces.<name>.assignIP | Automatically assign an IP address to the network interface using the same scheme as
virtualisation.vlans.
|
| services.authelia.instances.<name>.settings.telemetry.metrics.address | The address to listen on for metrics
|
| services.pantalaimon-headless.instances.<name>.listenPort | The port where the daemon will listen to client connections for
this homeserver
|
| users.mysql.pam.logging.timeColumn | The name of the column in the log table to which the timestamp of the
log entry is stored.
|
| services.icecream.daemon.hostname | Hostname of the daemon in the icecream infrastructure
|
| services.wiki-js.settings.db.db | Name of the database to use.
|
| services.tor.torsocks.socks5Username | SOCKS5 username
|
| security.pam.services.<name>.googleAuthenticator.forwardPass | The authentication provides a single field requiring
the user's password followed by the one-time password (OTP).
|
| services.angrr.settings.temporary-root-policies.<name>.ignore-prefixes-in-home | Path prefixes to ignore under home directory
|
| services.hddfancontrol.settings.<drive-bay-name>.pwmPaths | PWM filepath(s) to control fan speed (under /sys), followed by initial and fan-stop PWM values
Can also use command substitution to ensure the correct hwmonX is selected on every boot
|
| virtualisation.fileSystems.<name>.encrypted.enable | The block device is backed by an encrypted one, adds this device as a initrd luks entry.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.prometheus.exporters.imap-mailstat.accounts.<name>.password | |
| services.namecoind.trustedNodes | List of the only peer IP addresses to connect to
|
| services.forgejo.dump.file | Filename to be used for the dump
|
| services.strongswan-swanctl.swanctl.connections.<name>.ppk_id | String identifying the Postquantum Preshared Key (PPK) to be used.
|
| users.mysql.pam.logging.pidColumn | The name of the column in the log table to which the pid of the
process utilising the pam_mysql authentication
service is stored.
|
| services.epmd.enable | Whether to enable socket activation for Erlang Port Mapper Daemon (epmd),
which acts as a name server on all hosts involved in distributed
Erlang computations.
|
| services.syncthing.settings.folders.<name>.copyOwnershipFromParent | On Unix systems, tries to copy file/folder ownership from the parent directory (the directory it’s located in)
|
| services.hadoop.hdfs.namenode.openFirewall | Open firewall ports for HDFS NameNode.
|
| services.radicle.httpd.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.radicle.httpd.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.cloudflared.tunnels.<name>.originRequest.connectTimeout | Timeout for establishing a new TCP connection to your origin server
|
| boot.binfmt.registrations.<name>.wrapInterpreterInShell | Whether to wrap the interpreter in a shell script
|
| services.bacula-sd.autochanger.<name>.extraAutochangerConfig | Extra configuration to be passed in Autochanger directive.
|