| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.pgmanage.connections | pgmanage requires at least one PostgreSQL server be defined
|
| services.prometheus.remoteWrite.*.basic_auth | Sets the Authorization header on every remote write request with the
configured username and password.
password and password_file are mutually exclusive.
|
| services.amule.settings.ExternalConnect.ECPassword | MD5 hash of the password, obtainaible with echo "<password>" | md5sum | cut -d ' ' -f 1
|
| services.reposilite.settings.keyPassword | Plaintext password used to unlock the Java KeyStore set in services.reposilite.settings.keyPath
|
| services.davis.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.movim.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.slskd.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.snipe-it.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.sourcehut.settings.mail.pgp-privkey | An absolute file path (which should be outside the Nix-store)
to an OpenPGP private key
|
| services.writefreely.admin.initialPasswordFile | Path to a file containing the initial password for the admin user
|
| services.prometheus.scrapeConfigs.*.basic_auth | Sets the Authorization header on every scrape request with the
configured username and password.
password and password_file are mutually exclusive.
|
| services.gns3-server.auth.enable | Whether to enable password based HTTP authentication to access the GNS3 Server.
|
| services.iperf3.rsaPrivateKey | Path to the RSA private key (not password-protected) used to decrypt authentication credentials from the client.
|
| users.allowNoPasswordLogin | Disable checking that at least the root user or a user in the wheel group can log in using
a password or an SSH key
|
| services.tt-rss.feedCryptKey | Key used for encryption of passwords for password-protected feeds
in the database
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.firebird.baseDir | Location containing data/ and system/ directories.
data/ stores the databases, system/ stores the password database security2.fdb.
|
| services.diod.allsquash | Remap all users to "nobody"
|
| services.wakapi.smtpPassword | The password used for the smtp mailed to used by Wakapi.
|
| services.gancio.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.basicAuth | Basic Auth protection for a vhost
|
| security.doas.extraRules.*.persist | If true, do not ask for a password again for some
time after the user successfully authenticates.
|
| services.unpoller.loki.pass | Path of a file containing the password for Loki
|
| services.monica.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.tt-rss.email.fromAddress | Address for sending outgoing mail
|
| boot.initrd.luks.devices.<name>.gpgCard | The option to use this LUKS device with a GPG encrypted luks password by the GPG Smartcard
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPasswordFile | Sets the password for WPA-PSK
|
| services.lldap.settings.ldap_user_pass | Password for default admin password
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.mosquitto.listeners.*.users.<name>.hashedPassword | Specifies the hashed password for the MQTT User
|
| services.jigasi.userPasswordFile | Path to file containing password for XMPP user connection.
|
| services.jicofo.userPasswordFile | Path to file containing password for XMPP user connection.
|
| security.pam.u2f.control | This option sets pam "control"
|
| security.pam.p11.control | This option sets pam "control"
|
| boot.loader.grub.users | User accounts for GRUB
|
| services.wakapi.smtpPasswordFile | The path to a file containing the password for the smtp mailer used by Wakapi.
|
| services.gitea.mailerPasswordFile | Path to a file containing the SMTP password.
|
| services.davis.adminPasswordFile | The full path to a file that contains the admin's password
|
| services.kasmweb.redisPassword | password to use for the redis cache.
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.prometheus.exporters.deluge.delugePassword | Password to connect to deluge server
|
| services.diod.squashuser | Change the squash user
|
| services.documize.db | Database specific connection string for example:
- MySQL/Percona/MariaDB:
user:password@tcp(host:3306)/documize
- MySQLv8+:
user:password@tcp(host:3306)/documize?allowNativePasswords=true
- PostgreSQL:
host=localhost port=5432 dbname=documize user=admin password=secret sslmode=disable
- MSSQL:
sqlserver://username:password@localhost:1433?database=Documize or
sqlserver://sa@localhost/SQLExpress?database=Documize
|
| services.davis.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| security.pam.krb5.enable | Enables Kerberos PAM modules (pam-krb5,
pam-ccreds)
|
| security.pam.ussh.control | This option sets pam "control"
|
| services.coder.database.sslmode | Password for accessing the database.
|
| services.movim.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.slskd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.hebbot.botPasswordFile | A path to the password file for your bot
|
| services.misskey.settings.db.pass | The password used for database authentication.
|
| services.snipe-it.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| security.pam.services.<name>.nodelay | Whether the delay after typing a wrong password should be disabled.
|
| services.buildbot-worker.workerPass | Specifies the Buildbot Worker password.
|
| programs.corectrl.enable | Whether to enable CoreCtrl, a tool to overclock amd graphics cards and processors
|
| security.run0.wheelNeedsPassword | Whether users of the wheel group must
provide a password to run commands as super user via run0.
|
| security.loginDefs.settings | Config options for the /etc/login.defs file, that defines
the site-specific configuration for the shadow password suite
|
| services.slurm.server.enable | Whether to enable the slurm control daemon
|
| services.vsftpd.forceLocalLoginsSSL | Only applies if sslEnable is true
|
| security.sudo.wheelNeedsPassword | Whether users of the wheel group must
provide a password to run commands as super user via sudo.
|
| services.librenms.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.agorakit.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.akkoma.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.gancio.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.dolibarr.nginx.basicAuth | Basic Auth protection for a vhost
|
| security.doas.wheelNeedsPassword | Whether users of the wheel group must provide a password to
run commands as super user via doas.
|
| services.kanboard.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.fediwall.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.mainsail.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.pixelfed.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.calibre-server.auth.enable | Password based authentication to access the server
|
| security.sudo-rs.wheelNeedsPassword | Whether users of the wheel group must
provide a password to run commands as super user via sudo.
|
| services.boinc.allowRemoteGuiRpc | If set to true, any remote host can connect to and control this BOINC
client (subject to password authentication)
|
| services.amule.WebServerPasswordFile | File containing the password for connecting to the web server,
set this only if you didn't set `settings
|
| security.pam.services.<name>.googleAuthenticator.forwardPass | The authentication provides a single field requiring
the user's password followed by the one-time password (OTP).
|
| services.magnetico.web.credentialsFile | The path to the file holding the credentials to access the web
interface
|
| security.pam.yubico.control | This option sets pam "control"
|
| services.couchdb.extraConfigFiles | Extra configuration files
|
| services.tt-rss.plugins | List of plugins to load automatically for all users
|
| services.redis.servers.<name>.requirePassFile | File with password for the database.
|
| services.mosquitto.listeners.*.users.<name>.hashedPasswordFile | Specifies the path to a file containing the
hashed password for the MQTT user
|
| security.pam.services.<name>.gnupg.storeOnly | Don't send the password immediately after login, but store for PAM
session.
|
| services.radicle.httpd.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPassword | Sets the password for WPA-PSK that will be converted to the pre-shared key
|
| services.wstunnel.clients.<name>.upgradeCredentials | Use these credentials to authenticate during the HTTP upgrade request
(Basic authorization type, USER:[PASS]).
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the environmentFile option
to a file containing HTTP_PASSWORD=<your-password-here> and set this
option to <user>:$HTTP_PASSWORD
|
| services.buildbot-worker.workerPassFile | File used to store the Buildbot Worker password
|
| services.freshrss.database.passFile | Database password file for FreshRSS.
|
| services.oauth2-proxy.basicAuthPassword | The password to set when passing the HTTP Basic Auth header.
|
| services.nntp-proxy.upstreamPassword | Upstream server password
|
| services.anuko-time-tracker.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.flarum.initialAdminPassword | Initial password for the adminUser
|
| services.immich.secretsFile | Path of a file with extra environment variables to be loaded from disk
|
| services.getty.autologinOnce | If enabled the automatic login will only happen in the first tty
once per boot
|