| services.reposilite.group | The group to run Reposilite under.
|
| services.syncplay.certDir | TLS certificates directory to use for encryption
|
| services.openvscode-server.group | The group to run openvscode-server under
|
| users.groups.<name>.gid | The group GID
|
| services.mattermost.group | Group which runs the Mattermost service.
|
| services.scollector.group | Group account under which scollector runs.
|
| services.healthchecks.group | Group account under which healthchecks runs.
If left as the default value this group will automatically be created
on system activation, otherwise you are responsible for
ensuring the group exists before the healthchecks service starts.
|
| services.shairport-sync.group | Group account name under which to run shairport-sync
|
| services.nullmailer.group | Group to use to run nullmailer-send.
|
| services.gns3-server.ssl.certFile | Path to the SSL certificate file
|
| services.journald.gateway.cert | The path to a file or AF_UNIX stream socket to read the server
certificate from
|
| services.sourcehut.hg.group | Group for hg.sr.ht
|
| services.borgbackup.repos.<name>.group | The group borg serve is run as
|
| services.mailman.ldap.groupSearch.type | Type of group to perform a group search against.
|
| services.komodo-periphery.group | Group under which the Periphery agent runs.
|
| services.cloudflare-ddns.group | Group under which the service runs.
|
| services.sourcehut.man.group | Group for man.sr.ht
|
| services.sourcehut.git.group | Group for git.sr.ht
|
| services.sourcehut.hub.group | Group for hub.sr.ht
|
| services.opensearch.group | The group OpenSearch runs as
|
| users.groups.<name>.name | The name of the group
|
| services.silverbullet.group | The group to run Silverbullet under
|
| services.sourcehut.todo.group | Group for todo.sr.ht
|
| services.sourcehut.meta.group | Group for meta.sr.ht
|
| services.ghostunnel.servers.<name>.cert | Path to certificate (PEM with certificate chain)
|
| services.dolibarr.h2o.acme.useHost | An existing Let’s Encrypt certificate to use for this virtual
host
|
| services.hbase-standalone.group | Group account under which HBase runs.
|
| services.netbird.tunnels.<name>.user.group | A system group name for this client instance.
|
| services.netbird.clients.<name>.user.group | A system group name for this client instance.
|
| services.filebrowser.group | Group under which FileBrowser runs.
|
| services.meshtasticd.group | Group meshtasticd runs as.
|
| services.qbittorrent.group | Group under which qbittorrent runs.
|
| services.writefreely.group | Group under which Writefreely is ran.
|
| services.taskserver.pki.manual.ca.cert | Fully qualified path to the CA certificate.
Setting this option will prevent automatic CA creation and handling.
|
| environment.etc.<name>.group | Group name of file owner
|
| services.sourcehut.paste.group | Group for paste.sr.ht
|
| services.sourcehut.lists.group | Group for lists.sr.ht
|
| services.sourcehut.pages.group | Group for pages.sr.ht
|
| services.stargazer.certOrg | The name of the organization responsible for the X.509
certificate's /O name.
|
| services.keepalived.vrrpScripts.<name>.group | Name of group to run the script under
|
| services.vdirsyncer.jobs.<name>.group | group to run vdirsyncer as
|
| hardware.cpu.intel.sgx.provision.group | Group to assign to the SGX provisioning device.
|
| services.sillytavern.group | Group account under which the web-application run.
|
| services.wyoming.satellite.group | Group to run wyoming-satellite under.
|
| services.maddy.tls.certificates.*.certPath | Path to the certificate used for TLS.
|
| services.vault-agent.instances.<name>.group | Group under which this instance runs.
|
| services.cockroachdb.certsDir | The path to the certificate directory.
|
| services.thanos.rule.grpc-server-tls-cert | TLS Certificate for gRPC server, leave blank to disable TLS
|
| services.sourcehut.builds.group | Group for builds.sr.ht
|
| services.thanos.query.grpc-client-tls-cert | TLS Certificates to use to identify this client to the server
|
| services.davis.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.movim.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.slskd.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.snipe-it.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.suricata.settings.run-as.group | Run Suricata with a specific group-id.
|
| services.gitlab.registry.certFile | Path to GitLab container registry certificate.
|
| services.librespeed.useACMEHost | Use a certificate generated by the NixOS ACME module for the given host
|
| services.thanos.query.grpc-server-tls-cert | TLS Certificate for gRPC server, leave blank to disable TLS
|
| services.thanos.store.grpc-server-tls-cert | TLS Certificate for gRPC server, leave blank to disable TLS
|
| services.taskserver.pki.manual.server.cert | Fully qualified path to the server certificate.
Setting this option will prevent automatic CA creation and handling.
|
| services.mail.sendmailSetuidWrapper.group | The group of the wrapper program.
|
| services.kubernetes.apiserver.etcd.certFile | Etcd cert file.
|
| security.tpm2.tssGroup | Group of the tpm kernel resource manager (tpmrm) device-group, set if
applyUdevRules is set.
|
| services.akkoma.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.gancio.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.fluidd.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.matomo.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.monica.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.anubis.defaultOptions.group | The group under which Anubis is run
|
| services.athens.storage.mongo.certPath | Path to the certificate file for the mongo database.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.group | The group of the file
|
| services.anubis.instances.<name>.group | The group under which Anubis is run
|
| services.blockbook-frontend.<name>.group | The group as which to run blockbook-frontend-‹name›.
|
| services.foundationdb.group | Group account under which FoundationDB runs.
|
| services.matterbridge.group | Group which runs the matterbridge service.
|
| services.transmission.group | Group account under which Transmission runs.
|
| security.sudo.extraRules.*.runAs | Under which user/group the specified command is allowed to run
|
| services.portunus.ldap.tls | Whether to enable LDAPS protocol
|
| services.prometheus.exporters.chrony.group | Group under which the chrony exporter shall be run
|
| services.authelia.instances.<name>.group | The name of the group for this authelia instance.
|
| security.sudo-rs.extraRules.*.runAs | Under which user/group the specified command is allowed to run
|
| services.privoxy.certsLifetime | If inspectHttps is enabled, the time generated HTTPS
certificates will be stored in a temporary directory for reuse
|
| services.prometheus.exporters.frr.group | Group under which the frr exporter shall be run
|
| services.mailman.ldap.groupSearch.ou | Organizational unit to look up a group.
|
| services.xserver.desktopManager.phosh.group | The group to run the Phosh service.
|
| services.wstunnel.servers.<name>.useACMEHost | Use a certificate generated by the NixOS ACME module for the given host
|
| services.komodo-periphery.ssl.certFile | Path to SSL certificate file.
|
| services.prometheus.exporters.node-cert.enable | Whether to enable the prometheus node-cert exporter.
|
| services.hostapd.radios.<name>.networks.<name>.group | Members of this group can access the control socket for this interface.
|
| services.thanos.sidecar.grpc-server-tls-cert | TLS Certificate for gRPC server, leave blank to disable TLS
|
| services.thanos.receive.grpc-server-tls-cert | TLS Certificate for gRPC server, leave blank to disable TLS
|
| users.groups | Additional groups to be created automatically by the system.
|
| services.caddy.virtualHosts.<name>.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.nginx.tailscaleAuth.group | Alias of services.tailscaleAuth.group.
|
| services.librenms.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.kanboard.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.agorakit.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.dolibarr.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.fediwall.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.pixelfed.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|