| services.nebula.networks.<name>.firewall.inbound | Firewall rules for inbound traffic.
|
| services.forgejo.database.name | Database name.
|
| services.redmine.database.name | Database name.
|
| networking.nftables.tables.<name>.content | The table content.
|
| services.gitea-actions-runner.instances.<name>.name | The name identifying the runner instance towards the Gitea/Forgejo instance.
|
| users.extraUsers.<name>.uid | The account UID
|
| services.pdfding.database.name | PostgreSQL database name
|
| services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| services.firewalld.zones.<name>.version | Version of the zone.
|
| services.rsync.jobs.<name>.group | The name of an existing user group under which the rsync process should run.
|
| services.firezone.server.provision.accounts.<name>.relayGroups.<name>.name | The name of this relay group
|
| services.legit.settings.server.name | Server name.
|
| services.firezone.gateway.name | The name of this gateway as shown in firezone
|
| systemd.units.<name>.text | Text of this systemd unit.
|
| services.hans.clients | Each attribute of this option defines a systemd service that
runs hans
|
| hardware.deviceTree.overlays.*.name | Name of this overlay
|
| networking.wlanInterfaces.<name>.meshID | MeshID of interface with type mesh.
|
| services.zabbixProxy.database.name | Database name.
|
| networking.wlanInterfaces.<name>.type | The type of the WLAN interface
|
| power.ups.ups.<name>.summary | Lines which would be added inside ups.conf for handling this UPS.
|
| services.selfoss.database.name | Name of the existing database (has no effect if type is "sqlite").
|
| services.armagetronad.servers.<name>.name | The name of this server.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| networking.supplicant.<name>.driver | Force a specific wpa_supplicant driver.
|
| networking.wlanInterfaces.<name>.flags | Flags for interface of type monitor.
|
| services.firewalld.zones.<name>.sources.*.mac | A MAC address.
|
| users.extraUsers.<name>.group | The user's primary group.
|
| networking.vswitches.<name>.openFlowRules | OpenFlow rules to insert into the Open vSwitch
|
| services.tor.relay.onionServices.<name>.settings.HiddenServiceAllowUnknownPorts | See torrc manual.
|
| services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|
| networking.wireless.networks.<name>.bssid | If set, this network block is used only when associating with
the AP using the configured BSSID.
|
| services.ndppd.proxies.<name>.rules.<name>.network | This is the target address is to match against
|
| services.autossh.sessions.*.name | Name of the local AutoSSH session
|
| systemd.automounts.*.name | The name of this systemd unit, including its extension
|
| programs.neovim.runtime.<name>.target | Name of symlink
|
| security.acme.certs.<name>.domain | Domain to fetch certificate for (defaults to the entry name).
|
| networking.wlanInterfaces.<name>.fourAddr | Whether to enable 4-address mode with type managed.
|
| networking.wlanInterfaces.<name>.mac | MAC address to use for the device
|
| networking.vlans | This option allows you to define vlan devices that tag packets
on top of a physical interface
|
| services.firezone.server.provision.accounts.<name>.gatewayGroups.<name>.name | The name of this gateway group
|
| services.nsd.zones.<name>.zoneStats | When set to something distinct to null NSD is able to collect
statistics per zone
|
| networking.supplicant.<name>.extraCmdArgs | Command line arguments to add when executing wpa_supplicant.
|
| networking.wireless.networks.<name>.hidden | Set this to true if the SSID of the network is hidden.
|
| services.dolibarr.database.name | Database name.
|
| services.castopod.database.name | Database name.
|
| services.agorakit.database.name | Database name.
|
| services.mastodon.database.name | Database name.
|
| services.peertube.database.name | Database name.
|
| services.pixelfed.database.name | Database name.
|
| services.windmill.database.name | Database name.
|
| services.zabbixServer.database.name | Database name.
|
| services.firewalld.services.<name>.ports | Ports of the service.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.name | The name of this resource
|
| networking.wireless.networks.<name>.psk | The network's pre-shared key in plaintext defaulting
to being a network without any authentication.
Be aware that this will be written to the Nix store
in plaintext! Use pskRaw with an external
reference to keep it safe.
Mutually exclusive with pskRaw.
|
| networking.macvlans.<name>.interface | The interface the macvlan will transmit packets through.
|
| services.firewalld.zones.<name>.services | Services to allow in the zone.
|
| services.firewalld.services.<name>.short | Short description for the service.
|
| systemd.user.units.<name>.text | Text of this systemd unit.
|
| services.dawarich.database.name | The name of the dawarich database.
|
| services.cloudlog.database.name | MySQL database name.
|
| services.freshrss.database.name | Database name for FreshRSS.
|
| services.wyoming.satellite.name | Name of the satellite.
|
| networking.wireless.networks.<name>.ssid | You could use this field to override the network's ssid
|
| services.firewalld.zones.<name>.forward | Whether to enable intra-zone forwarding
|
| services.i2pd.inTunnels.<name>.port | Bind port for ‹name› endpoint.
|
| services.firewalld.zones.<name>.sources.*.ipset | An ipset.
|
| networking.bonds | This option allows you to define bond devices that aggregate multiple,
underlying networking interfaces together
|
| power.ups.users.<name>.upsmon | Add the necessary actions for a upsmon process to work
|
| boot.initrd.luks.devices.<name>.header | The name of the file or block device that
should be used as header for the encrypted device.
|
| users.extraGroups.<name>.gid | The group GID
|
| security.wrappers.<name>.program | The name of the wrapper program
|
| services.opengfw.rules.*.modifier.name | Name of the modifier.
|
| services.factorio.game-name | Name of the game as it will appear in the game listing.
|
| services.i2pd.outTunnels.<name>.port | Bind port for ‹name› endpoint.
|
| services.cgit.<name>.user | User to run the cgit service as.
|
| boot.initrd.luks.devices.<name>.keyFile | The name of the file (can be a raw device or a partition) that
should be used as the decryption key for the encrypted device
|
| networking.fqdn | The fully qualified domain name (FQDN) of this host
|
| users.users.<name>.shell | The path to the user's shell
|
| networking.domain | The system domain name
|
| services.corosync.nodelist.*.name | Node name
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| services.firezone.server.provision.accounts.<name>.name | The account name
|
| networking.vswitches.<name>.openFlowVersion | Version of OpenFlow protocol to use when communicating with the switch internally (e.g. with openFlowRules).
|
| services.journalbeat.name | Name of the beat
|
| nix.registry.<name>.to | The flake reference from is rewritten to
|
| users.users.<name>.enable | If set to false, the user account will not be created
|
| networking.wireless.networks.<name>.auth | Use this option to configure advanced authentication methods
like EAP
|
| services.iodine.clients | Each attribute of this option defines a systemd service that
runs iodine
|
| services.firewalld.services.<name>.ports.*.port | |
| programs.nix-required-mounts.allowedPatterns.<name>.unsafeFollowSymlinks | Whether to enable Instructs the hook to mount the symlink targets as well, when any of
the paths contain symlinks
|
| networking.supplicant.<name>.configFile.path | External wpa_supplicant.conf configuration file
|
| systemd.paths.<name>.wants | Start the specified units when this unit is started.
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.protocol | The protocol specifier for port forwarding between host and container
|
| systemd.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.gitwatch.<name>.user | The name of services's user
|
| users.users.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| networking.supplicant.<name>.extraConf | Configuration options for wpa_supplicant.conf
|
| nix.registry.<name>.flake | The flake input from is rewritten to.
|
| services.invoiceplane.sites.<name>.database.name | Database name.
|
| services.bacula-fd.tls.allowedCN | Common name attribute of allowed peer certificates
|